Privacy Policy

Sprada Pte. Ltd. (UEN 202223938W) (“Sprada”, “we”, “us” or “our”), a company incorporated in Singapore, is committed to protecting your personal data in accordance with the Personal Data Protection Act 2012 of Singapore (“PDPA”) and other applicable data protection laws.

This Privacy Policy explains how we collect, use, disclose, store and otherwise process personal data when you:

• visit our website at www.sprada.sg;
• contact us; or
• engage us for consulting or related services.

By interacting with us, submitting information to us, or using our website or services, you acknowledge that you have read and understood this Privacy Policy.

1. Personal Data We Collect

“Personal data” generally means data, whether true or not, about an individual who can be identified from that data, or from that data together with other information to which we have or are likely to have access.

Depending on your interaction with us, we may collect the following personal data:

Where you provide us with personal data relating to another individual, you represent that you have obtained the consent or authority required to provide that data to us for the relevant purpose.

2. How We Collect Personal Data

We may collect personal data in the following ways:

• when you submit an enquiry through our website or contact us directly;
• when you engage us for services;
• when you correspond or meet with us;
• when you subscribe to updates or request materials from us;
• when you browse or interact with our website; and
• from publicly available sources or third parties where permitted by law.

3. Purposes for Which We Use Personal Data

We may collect, use and disclose personal data for purposes including:

• responding to your enquiries and requests;
• assessing whether we can provide services to you or your organisation;
• providing consulting and related services;
• managing and administering our relationship with clients, prospective clients, vendors and other counterparties;
• performing contractual obligations and enforcing our legal rights;
• communicating with you in relation to our services, engagements, and operations;
• processing payments, invoices and internal administration;
• complying with legal, regulatory, audit, risk management and record-keeping requirements;
• improving our website, services and user experience; and
• any other purpose reasonably related to the foregoing.

Where required under applicable law, we will obtain your consent before using your personal data for additional purposes.

We do not use personal data for unsolicited direct marketing unless permitted by law or with your consent.

4. Disclosure of Personal Data

We do not sell your personal data.

We may disclose personal data, where appropriate and for the purposes described above, to:

• our employees, officers and authorised representatives;
• service providers and vendors who support our business operations, including providers of website hosting, email, cloud storage, CRM, communications, IT support, document management, analytics, payment processing, and other business systems;
• professional advisers such as lawyers, accountants, auditors, insurers and corporate service providers;
• banks, payment providers and financial institutions;
• regulators, governmental authorities, law enforcement agencies, courts or tribunals where required or permitted by law; and
• any other party where such disclosure is reasonably necessary for a lawful business purpose.

Where third-party service providers process personal data on our behalf, we take reasonable steps to require them to protect the personal data appropriately.

5. Transfers of Personal Data Outside Singapore

Some of our service providers or technology vendors may be located outside Singapore, or may store or process personal data outside Singapore.

Where personal data is transferred outside Singapore, we will take reasonable steps to ensure that the transferred personal data is protected to a standard comparable to that required under the PDPA.

6. Retention of Personal Data

We retain personal data only for as long as it is necessary to fulfil the purposes for which it was collected, or as required or permitted by applicable law.

As a general guideline, client and engagement records may be retained for up to seven (7) years after the end of the relevant engagement, or longer where retention is necessary for legal, regulatory, tax, accounting, dispute resolution, risk management, or legitimate business purposes.

When personal data is no longer required, we will take reasonable steps to delete, destroy, anonymise, or securely dispose of it.

7. Protection of Personal Data

We implement reasonable administrative, physical and technical safeguards to protect personal data against unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks.

However, no method of transmission over the internet or method of electronic storage is completely secure. While we strive to protect personal data, we cannot guarantee absolute security.

8. Your Rights

Subject to the PDPA and other applicable laws, you may have the right to:

• request access to personal data we hold about you;
• request correction of personal data that is inaccurate or incomplete; and
• withdraw consent to our collection, use or disclosure of your personal data by giving us reasonable notice.

If you withdraw your consent, this will not affect the lawfulness of any collection, use or disclosure of your personal data that took place before your withdrawal. Depending on the nature and scope of your request, withdrawal of consent may also affect our ability to provide services to you or continue our relationship with you.

We will respond to requests as soon as reasonably possible. Where we are unable to respond within 30 days, we will inform you in writing of the time by which we will respond. A reasonable administrative fee may be charged for access requests where permitted by law.

To make a request, please contact us using the details in section 11 below.

9. Cookies and Website Analytics

Our website may use cookies and similar technologies to:

• enable website functionality;
• remember user preferences;
• analyse website traffic and usage patterns; and
• improve website performance and user experience.

You may manage or disable cookies through your browser settings. However, doing so may affect the functionality of certain parts of our website.

If you use third-party browser tools or settings to block cookies, some website features may not operate properly.

10. Third-Party Websites

Our website may contain links to third-party websites or services. We do not control and are not responsible for the privacy practices, content or security of those third-party websites or services.

You should review the privacy policies of those third parties before providing them with your personal data.

11. Contact / Data Protection Officer

If you have any questions, requests or complaints relating to this Privacy Policy or our handling of personal data, please contact our Data Protection Officer:

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our business practices, legal or regulatory requirements, or website features.

Any updated version will be posted on this page and will take effect from the “Last updated” date stated above.