Privacy Policy

Introduction

Orbisync ("we," "our," or "us") is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you engage with our AI consulting services, visit our website, or interact with our team.

This policy applies to all personal data processed by Orbisync in connection with our consulting services, including AI system architecture, federated learning consultation, and performance optimisation engagements. We operate in compliance with Singapore's Personal Data Protection Act 2012 (PDPA) and international data protection standards.

Information We Collect

Personal Information You Provide

When you engage with our services or contact us, we may collect:

• Name, job title, and company affiliation
• Business email address and phone number
• Technical requirements and project specifications
• Communication preferences and inquiry details
• Payment and billing information for consulting engagements

Information Collected Automatically

When you visit our website, we may automatically collect:

• Browser type, operating system, and device information
• IP address and general geographic location
• Pages visited, time spent, and navigation patterns
• Referral source and exit pages
• Cookie data as described in our Cookie Policy

How We Use Your Information

We process personal data for the following purposes:

• Service Delivery: To provide AI consulting services, deliver technical documentation, and fulfil engagement contracts
• Communication: To respond to inquiries, provide project updates, and maintain client relationships
• Business Operations: To process payments, manage contracts, and maintain business records
• Service Improvement: To analyse engagement patterns and improve our consulting methodology
• Legal Compliance: To comply with applicable laws, regulations, and professional standards
• Security: To protect against fraud, security threats, and unauthorised access to our systems

Legal Basis for Processing

Under PDPA and applicable data protection laws, we process personal data based on:

• Consent: When you provide explicit consent for specific processing activities
• Contract Performance: To fulfil consulting engagement agreements and deliver requested services
• Legitimate Interests: For business operations, service improvement, and client relationship management
• Legal Obligations: To comply with applicable laws, regulations, and professional requirements

Data Sharing and Disclosure

We may share personal data with:

• Service Providers: Cloud hosting providers, payment processors, and email communication platforms that assist in service delivery
• Professional Advisors: Legal counsel, accountants, and auditors as required for business operations
• Regulatory Authorities: When required by law or to comply with legal proceedings

We do not sell personal data to third parties. All service providers are contractually bound to protect your data and use it only for specified purposes.

Data Security

We implement appropriate technical and organisational measures to protect personal data:

• Encryption of data in transit and at rest using industry-standard protocols
• Access controls limiting data access to authorised personnel only
• Regular security audits and vulnerability assessments
• Secure communication channels for client interactions
• Incident response procedures for data breach management
• Employee training on data protection and confidentiality requirements

Data Retention

We retain personal data only as long as necessary for the purposes outlined in this policy or as required by law:

• Client Data: Retained for the duration of the engagement plus 7 years for business and legal compliance purposes
• Inquiry Data: Retained for 2 years after last contact if no engagement is established
• Website Analytics: Retained for 14 months for service improvement purposes
• Marketing Communications: Retained until consent is withdrawn or contact becomes inactive

Your Privacy Rights

Under PDPA and applicable data protection laws, you have the following rights:

• Access: Request a copy of personal data we hold about you
• Correction: Request correction of inaccurate or incomplete personal data
• Deletion: Request deletion of personal data subject to legal retention requirements
• Data Portability: Receive personal data in a structured, commonly used format
• Objection: Object to processing based on legitimate interests
• Withdrawal of Consent: Withdraw consent for processing activities at any time
• Lodge Complaint: File a complaint with the Personal Data Protection Commission (PDPC) in Singapore

To exercise these rights, contact us at [email protected]. We will respond to requests within 30 days.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance user experience and analyse site usage. We use:

• Essential Cookies: Required for website functionality and security
• Analytics Cookies: To understand how visitors interact with our website
• Preference Cookies: To remember your settings and preferences

For detailed information about cookies we use and how to manage your preferences, please review our Cookie Policy.

International Data Transfers

As we operate primarily in Singapore and utilise cloud infrastructure providers with global operations, personal data may be transferred to and stored in jurisdictions outside Singapore. We ensure appropriate safeguards are in place for international transfers, including standard contractual clauses and adequacy decisions where applicable.

Third-Party Links

Our website may contain links to third-party websites and services. We are not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or business operations. Material changes will be communicated through website notice or direct communication to active clients. The "Last Updated" date at the top of this policy indicates when the most recent revisions were made.

Contact Information

For questions about this Privacy Policy or to exercise your privacy rights, please contact: