Privacy Policy

Introduction

cortexxxia is committed to protecting the privacy and security of personal data entrusted to us. This Privacy Policy explains how we collect, use, disclose, and protect information gathered through our website and professional services. Our practices comply with Singapore's Personal Data Protection Act (PDPA) and align with international data protection standards.

This policy applies to all data subjects who interact with cortexxxia, including website visitors, prospective clients, current clients, and business contacts. By using our services or providing personal information, you acknowledge and consent to the practices described herein.

Information We Collect

Contact Information

• Name, job title, and organization affiliation
• Email addresses and telephone numbers
• Business addresses and correspondence details
• Professional credentials and qualifications where relevant

Usage Data

• Website interaction patterns and page visits
• Device information including browser type and operating system
• IP addresses and general geographic location
• Referral sources and navigation paths

Communication Data

• Content of inquiries and consultation requests
• Correspondence through email, phone, or contact forms
• Project documentation and collaboration materials
• Feedback and survey responses

Cookie Data

• Essential cookies for website functionality
• Analytics cookies tracking aggregate usage patterns
• Preference cookies storing user settings
• Marketing cookies for relevant advertising (with consent)

Collection methods include direct provision through forms, automated collection via website technologies, and information received from third-party platforms where you have authorized sharing.

Legal Basis for Processing

We process personal data under the following legal grounds:

How We Use Your Information

Personal data is processed for the following purposes:

• Service Provision: Delivering consulting services, responding to inquiries, and managing client engagements
• Communication: Sending service updates, project information, and responding to correspondence
• Improvement: Analyzing usage patterns to enhance service quality and website functionality
• Security: Protecting against unauthorized access, fraud, and security threats
• Compliance: Meeting legal obligations including financial reporting and regulatory requirements
• Marketing: Sharing relevant information about services with your consent, which may be withdrawn anytime

Data Retention

We retain personal data only as long as necessary for legitimate business purposes or legal requirements:

• Active Client Data: Duration of engagement plus seven years for tax and regulatory compliance
• Prospective Client Data: Two years from last interaction unless consent withdrawn
• Marketing Data: Until consent withdrawn or two years of inactivity
• Website Analytics: Aggregated data retained indefinitely; individual data 26 months

Upon retention period expiration, data is securely deleted or anonymized. Earlier deletion may be requested subject to legal retention obligations.

Data Security

We implement comprehensive technical and organizational measures to protect personal data:

• Encryption of data in transit and at rest using industry-standard protocols
• Access controls restricting data availability to authorized personnel only
• Regular security assessments and vulnerability testing
• Staff training on data protection responsibilities and best practices
• Incident response procedures for potential data breaches
• Secure backup systems with tested recovery procedures

While we employ robust security measures, no system is entirely invulnerable. We maintain incident response protocols and will notify affected parties of any material breach as required by applicable law.

Your Rights

You have the following rights regarding personal data:

• Access: Request confirmation of data processing and copies of your personal information
• Rectification: Correct inaccurate or incomplete personal data
• Erasure: Request deletion of personal data where legally permissible
• Restriction: Limit processing under certain circumstances
• Portability: Receive your data in structured, commonly-used format
• Objection: Object to processing based on legitimate interest or for marketing purposes
• Withdraw Consent: Revoke consent for processing requiring explicit agreement

To exercise these rights, contact [email protected]. We will respond within 30 days and may require identity verification to prevent unauthorized disclosures.

Third-Party Services

We engage carefully selected service providers who may access personal data:

All third-party processors are contractually bound to data protection requirements consistent with this policy and applicable law.

International Data Transfers

Some service providers may process data outside Singapore. Where data is transferred internationally, we ensure appropriate safeguards including:

• Processing in jurisdictions with adequate data protection frameworks
• Standard contractual clauses approved by relevant authorities
• Binding corporate rules for multinational service providers
• Certification under recognized privacy frameworks

Cookies and Tracking

Our website uses cookies and similar technologies. For detailed information about cookie categories, management options, and your choices, please review our Cookie Policy.

Policy Updates

This Privacy Policy may be updated periodically to reflect changing practices or legal requirements. Material changes will be communicated through website notice or direct communication to active clients. The "Last Updated" date indicates the most recent revision. Continued use of our services following policy updates constitutes acceptance of changes.

Contact Information

For privacy-related inquiries, data protection concerns, or to exercise your rights:

If you believe your privacy rights have been violated, you may lodge a complaint with Singapore's Personal Data Protection Commission.