Privacy Policy
Last Updated: February 2025
Quantumlledget is committed to protecting your privacy and ensuring the security of your personal information. This policy explains how we collect, use, and safeguard your data in accordance with Singapore's Personal Data Protection Act (PDPA) and international privacy standards.
Information We Collect
Personal Information
We collect the following types of personal data:
- Contact Information: Name, email address, phone number, mailing address
- Professional Information: Job title, company name, industry, investment experience level
- Financial Information: Portfolio size ranges, investment objectives, income brackets (when relevant to services)
- Communication Data: Messages sent through contact forms, support requests, consultation notes
Technical Information
- Usage Data: IP address, browser type, device information, pages visited, time spent
- Cookie Data: Preferences, session information, analytics data (see our Cookie Policy)
- Performance Data: Website interaction patterns, form completion rates, download activities
How We Use Your Information
Service Delivery
- • Provide portfolio analysis and educational services
- • Customize content based on your experience level
- • Schedule and conduct consultations
- • Deliver workshop materials and resources
- • Process payments and maintain service records
Communication
- • Respond to inquiries and support requests
- • Send service updates and educational content
- • Notify about new programs and opportunities
- • Provide post-service follow-up and support
- • Share relevant market insights (with consent)
Analytics & Improvement
- • Analyze website usage and user behavior
- • Improve service quality and user experience
- • Develop new educational programs
- • Optimize marketing and outreach efforts
- • Measure service effectiveness and outcomes
Legal Compliance
- • Comply with Singapore financial regulations
- • Maintain records for tax and audit purposes
- • Respond to legal requests and investigations
- • Prevent fraud and ensure transaction security
- • Meet international data protection requirements
Legal Basis for Processing
Consent
For marketing communications, optional analytics, and non-essential service features
Contract Performance
To provide requested services, process payments, and fulfill our contractual obligations
Legitimate Interest
For business operations, service improvement, fraud prevention, and security measures
Legal Obligation
For tax compliance, regulatory reporting, and law enforcement cooperation
Data Sharing and Disclosure
Third-Party Service Providers
We may share your information with trusted service providers who assist in:
- Payment processing and financial transactions
- Cloud hosting and data storage services
- Email marketing and communication platforms
- Analytics and website optimization tools
- Customer support and help desk services
Legal Requirements
We may disclose your information when required by law, court order, or regulatory authority, or to protect our rights, property, or safety.
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
Data Protection Measures
Technical Safeguards
- • 256-bit SSL encryption for data transmission
- • Encrypted storage with access controls
- • Regular security audits and penetration testing
- • Multi-factor authentication for system access
- • Automated backup and disaster recovery
- • Intrusion detection and monitoring systems
Administrative Safeguards
- • Staff training on data protection principles
- • Need-to-know access authorization policies
- • Regular review of access permissions
- • Incident response and breach notification procedures
- • Data retention and secure disposal protocols
- • Third-party vendor security assessments
Breach Notification
In the unlikely event of a data breach, we will notify affected individuals and relevant authorities within 72 hours, as required by applicable privacy laws.
Data Retention
Retention Periods
- Contact form submissions: 3 years
- Service delivery records: 5 years
- Financial transaction data: 7 years
- Marketing communications: Until consent withdrawn
- Website analytics: 26 months (Google Analytics default)
Disposal Methods
- • Secure deletion from all systems and backups
- • Physical destruction of paper records
- • Cryptographic erasure of encrypted data
- • Certificate of destruction from vendors
- • Audit trail of disposal activities
Data is retained only as long as necessary for the purposes outlined in this policy or as required by law. We regularly review and purge outdated information.
Your Privacy Rights
Access & Control
- Right to Access: Request a copy of personal data we hold about you
- Right to Rectification: Correct inaccurate or incomplete information
- Right to Erasure: Request deletion of your personal data (subject to legal requirements)
- Right to Portability: Receive your data in a structured, machine-readable format
Consent & Processing
- Right to Withdraw Consent: Stop processing based on consent at any time
- Right to Object: Object to processing based on legitimate interests
- Right to Restriction: Limit how we process your data in certain circumstances
- Right to Lodge Complaints: File complaints with supervisory authorities
How to Exercise Your Rights
To exercise any of these rights, contact us using the information below. We will respond within 30 days and may require identity verification.
International Data Transfers
Some of our service providers may be located outside Singapore. When we transfer your data internationally, we ensure adequate protection through:
- Adequacy Decisions: Transfers to countries with adequate data protection laws
- Standard Contractual Clauses: Approved contract terms ensuring data protection
- Binding Corporate Rules: Internal policies for multinational service providers
- Certification Schemes: Services certified under recognized privacy frameworks
Data Processing Locations: Primary data processing occurs within Singapore and other ASEAN countries with adequate data protection frameworks.
Data Protection Contact
Privacy Officer
Data Protection Officer
Quantumlledget
8 Marina Boulevard, Marina Bay Financial Centre
Singapore 018981
Response Timeline
- • Privacy inquiries: 3-5 business days
- • Data access requests: 30 days maximum
- • Correction requests: 14 days typical
- • Deletion requests: 30 days maximum
- • Complaint acknowledgment: 24-48 hours
Note: Complex requests may require additional time. We will notify you if extensions are needed.
Policy Updates
We review and update this Privacy Policy annually or when there are material changes to our practices. When updates occur:
- We will update the "Last Updated" date at the top of this page
- Significant changes will be highlighted through website notifications
- We may send email notifications to registered users about material changes
- Continued use of our services after changes constitutes acceptance
- Previous versions are archived and available upon request
Recent Updates
- • February 2025: Enhanced data retention schedules
- • January 2025: Updated third-party processor list
- • December 2024: Strengthened security measures section