Privacy Policy

Last Updated: February 2025

Quantumlledget is committed to protecting your privacy and ensuring the security of your personal information. This policy explains how we collect, use, and safeguard your data in accordance with Singapore's Personal Data Protection Act (PDPA) and international privacy standards.

Information We Collect

Personal Information

We collect the following types of personal data:

  • Contact Information: Name, email address, phone number, mailing address
  • Professional Information: Job title, company name, industry, investment experience level
  • Financial Information: Portfolio size ranges, investment objectives, income brackets (when relevant to services)
  • Communication Data: Messages sent through contact forms, support requests, consultation notes

Technical Information

  • Usage Data: IP address, browser type, device information, pages visited, time spent
  • Cookie Data: Preferences, session information, analytics data (see our Cookie Policy)
  • Performance Data: Website interaction patterns, form completion rates, download activities

How We Use Your Information

Service Delivery

  • • Provide portfolio analysis and educational services
  • • Customize content based on your experience level
  • • Schedule and conduct consultations
  • • Deliver workshop materials and resources
  • • Process payments and maintain service records

Communication

  • • Respond to inquiries and support requests
  • • Send service updates and educational content
  • • Notify about new programs and opportunities
  • • Provide post-service follow-up and support
  • • Share relevant market insights (with consent)

Analytics & Improvement

  • • Analyze website usage and user behavior
  • • Improve service quality and user experience
  • • Develop new educational programs
  • • Optimize marketing and outreach efforts
  • • Measure service effectiveness and outcomes

Legal Compliance

  • • Comply with Singapore financial regulations
  • • Maintain records for tax and audit purposes
  • • Respond to legal requests and investigations
  • • Prevent fraud and ensure transaction security
  • • Meet international data protection requirements

Legal Basis for Processing

Consent

For marketing communications, optional analytics, and non-essential service features

Contract Performance

To provide requested services, process payments, and fulfill our contractual obligations

Legitimate Interest

For business operations, service improvement, fraud prevention, and security measures

Legal Obligation

For tax compliance, regulatory reporting, and law enforcement cooperation

Data Sharing and Disclosure

Third-Party Service Providers

We may share your information with trusted service providers who assist in:

  • Payment processing and financial transactions
  • Cloud hosting and data storage services
  • Email marketing and communication platforms
  • Analytics and website optimization tools
  • Customer support and help desk services

Legal Requirements

We may disclose your information when required by law, court order, or regulatory authority, or to protect our rights, property, or safety.

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

Data Protection Measures

Technical Safeguards

  • • 256-bit SSL encryption for data transmission
  • • Encrypted storage with access controls
  • • Regular security audits and penetration testing
  • • Multi-factor authentication for system access
  • • Automated backup and disaster recovery
  • • Intrusion detection and monitoring systems

Administrative Safeguards

  • • Staff training on data protection principles
  • • Need-to-know access authorization policies
  • • Regular review of access permissions
  • • Incident response and breach notification procedures
  • • Data retention and secure disposal protocols
  • • Third-party vendor security assessments

Breach Notification

In the unlikely event of a data breach, we will notify affected individuals and relevant authorities within 72 hours, as required by applicable privacy laws.

Data Retention

Retention Periods

  • Contact form submissions: 3 years
  • Service delivery records: 5 years
  • Financial transaction data: 7 years
  • Marketing communications: Until consent withdrawn
  • Website analytics: 26 months (Google Analytics default)

Disposal Methods

  • • Secure deletion from all systems and backups
  • • Physical destruction of paper records
  • • Cryptographic erasure of encrypted data
  • • Certificate of destruction from vendors
  • • Audit trail of disposal activities

Data is retained only as long as necessary for the purposes outlined in this policy or as required by law. We regularly review and purge outdated information.

Your Privacy Rights

Access & Control

  • Right to Access: Request a copy of personal data we hold about you
  • Right to Rectification: Correct inaccurate or incomplete information
  • Right to Erasure: Request deletion of your personal data (subject to legal requirements)
  • Right to Portability: Receive your data in a structured, machine-readable format

Consent & Processing

  • Right to Withdraw Consent: Stop processing based on consent at any time
  • Right to Object: Object to processing based on legitimate interests
  • Right to Restriction: Limit how we process your data in certain circumstances
  • Right to Lodge Complaints: File complaints with supervisory authorities

How to Exercise Your Rights

To exercise any of these rights, contact us using the information below. We will respond within 30 days and may require identity verification.

International Data Transfers

Some of our service providers may be located outside Singapore. When we transfer your data internationally, we ensure adequate protection through:

  • Adequacy Decisions: Transfers to countries with adequate data protection laws
  • Standard Contractual Clauses: Approved contract terms ensuring data protection
  • Binding Corporate Rules: Internal policies for multinational service providers
  • Certification Schemes: Services certified under recognized privacy frameworks

Data Processing Locations: Primary data processing occurs within Singapore and other ASEAN countries with adequate data protection frameworks.

Data Protection Contact

Privacy Officer

Phone: +65 6238 4927

Data Protection Officer

Quantumlledget

8 Marina Boulevard, Marina Bay Financial Centre

Singapore 018981

Response Timeline

  • • Privacy inquiries: 3-5 business days
  • • Data access requests: 30 days maximum
  • • Correction requests: 14 days typical
  • • Deletion requests: 30 days maximum
  • • Complaint acknowledgment: 24-48 hours

Note: Complex requests may require additional time. We will notify you if extensions are needed.

Policy Updates

We review and update this Privacy Policy annually or when there are material changes to our practices. When updates occur:

  • We will update the "Last Updated" date at the top of this page
  • Significant changes will be highlighted through website notifications
  • We may send email notifications to registered users about material changes
  • Continued use of our services after changes constitutes acceptance
  • Previous versions are archived and available upon request

Recent Updates

  • • February 2025: Enhanced data retention schedules
  • • January 2025: Updated third-party processor list
  • • December 2024: Strengthened security measures section