PSOI Tech OSBack to home

Legal draft

Privacy notice

This draft explains how personal data may be handled when you use this website or send a project brief to PSOI Tech OS. It has not been legally reviewed and should be reviewed by Singapore counsel before being treated as a final policy.

Draft status: Draft information for review. This website content has not been represented as legal advice or as having completed Singapore legal review. A project agreement or other written notice may provide additional, engagement-specific information.

1. Who this notice covers

This notice covers personal data collected through the public PSOI Tech OS website, including the project brief form and related correspondence. It does not replace the terms of any signed client agreement.

2. Data we may collect

Depending on what you submit or how the site is configured, this may include:

  • Identity and business contact details submitted through the project brief
  • Company and project information, including budget, timeline, systems and intended outcome
  • Consent record, referral source, UTM parameters, landing page and referrer
  • Technical and usage information produced by configured hosting, security and analytics services

The project-brief endpoint may process a network address in short-lived server memory to apply rate limits. Hosting and security services may retain their own request records under their configured terms and retention settings.

Please do not place passwords, private keys, production data, regulated records or other sensitive information in the initial project brief.

3. Why we use it

Personal data may be used to:

  • Assess, qualify and respond to enquiries
  • Prepare a proposed scope and communicate about a potential engagement
  • Protect the website and prevent spam or misuse
  • Understand website and funnel performance using privacy-conscious analytics
  • Meet applicable record-keeping or legal obligations

Consent will be sought where required. Data may also be handled where reasonably necessary to respond to your request, take steps toward a contract, protect the service, or meet obligations permitted by applicable law.

4. Where data may be sent

  • The configured lead-delivery service when enabled
  • The configured notification email service when enabled
  • Hosting, security and analytics providers used to operate the website

A submitted brief is processed by the site infrastructure. When configured, it may be forwarded to a lead-management webhook or notification service so the team can respond. Relevant information may also be shared with professional advisers or delivery suppliers when necessary and subject to appropriate obligations.

Service providers may process data outside Singapore. Where cross-border transfers occur, reasonable steps should be taken to ensure a standard of protection comparable to applicable Singapore requirements. A final vendor list and transfer review should be confirmed before this draft is approved.

Personal data is not intended to be sold. It should not be disclosed for unrelated purposes without notice or another basis permitted by law.

5. Retention

Enquiry information should be retained only for as long as reasonably needed for the stated purposes, an active business relationship, dispute handling and applicable legal obligations. A specific retention schedule must be confirmed by the business owner.

6. Access, correction and withdrawal

People may request access to or correction of their personal data through the published contact or DPO channel. Identity may need to be verified before a request is completed, and applicable legal exceptions may apply.

Consent for future use may also be withdrawn where consent applies. Withdrawal will not affect uses already made lawfully and may limit the ability to respond or provide services.

7. Security

Reasonable administrative and technical safeguards should be used for lead data, including controlled access, protected credentials, input validation, transport encryption where supported, and review of the services that receive submissions. No internet transmission or storage method can be promised to be completely secure.

8. Cookies and analytics

The site may use essential storage and privacy-conscious analytics when configured. Non-essential tracking should not be enabled without an appropriate notice and consent approach.

Configured measurement may include aggregate site use and conversion events, such as a project brief being started or submitted. Browser settings can restrict cookies, although doing so may affect some features.

9. Third-party services and links

Service providers should receive only the information needed for their role and remain subject to their own terms, security measures and data-location practices. The final notice must name or describe configured providers accurately.

Hosting, email, lead-management, analytics, calendar-booking and other configured services may process limited data for their stated function. Their own terms and privacy notices apply. Links to external websites are provided for convenience; PSOI Tech OSdoes not control how those sites handle data.

10. AI and project data

AI-assisted tools may support delivery, but client data should not be entered into an external AI service without an agreed purpose, appropriate access controls and a review of the service settings. Any engagement-specific handling rules, exclusions or approved tools should be recorded in the project agreement.

11. Updates and contact

This notice may be updated when the website, service providers or legal requirements change. Material changes should be identified on this page. Questions and complaints will be reviewed and answered within a reasonable period.

TermsReturn to PSOI Tech OS