Privacy Policy

Last Updated: January 15, 2026

Effective Date: January 15, 2026

1. Introduction

keystone adva is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or engage our consulting services.

We operate in accordance with Singapore's Personal Data Protection Act 2012 (PDPA) and are committed to maintaining the highest standards of data protection.

For questions about this Privacy Policy or our data practices, please contact us at [email protected]

2. Information We Collect

2.1 Personal Data You Provide

We collect personal data that you voluntarily provide to us when you:

  • Fill out contact forms or inquiry forms on our website
  • Request information about our services
  • Engage our consulting services
  • Subscribe to our communications
  • Communicate with us via email or phone

This information may include your name, email address, phone number, company name, job title, and any other information you choose to provide.

2.2 Information Automatically Collected

When you visit our website, we may automatically collect certain information about your device and browsing actions, including:

  • IP address and geographic location
  • Browser type and version
  • Operating system
  • Pages visited and time spent on pages
  • Referral source
  • Device information

2.3 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. For detailed information about our cookie usage, please refer to our Cookie Policy.

3. How We Use Your Information

3.1 Legal Basis for Processing

We process your personal data on the following legal bases: consent for marketing communications, performance of contract for service delivery, legitimate interests for business operations and website functionality, and legal obligations for compliance with applicable laws.

3.2 Purposes of Data Processing

We use your personal data for the following purposes:

  • To respond to your inquiries and provide information about our services
  • To deliver consulting services you have engaged
  • To communicate with you about your projects and engagements
  • To send you relevant updates and information with your consent
  • To improve our website and services
  • To analyze website usage and visitor behavior
  • To comply with legal obligations and regulatory requirements
  • To protect our legal rights and prevent fraud

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We may share your personal data with trusted third-party service providers who assist us in operating our website, conducting our business, or servicing you. These providers include website hosting services, email service providers, analytics providers, and IT support services. All third parties are contractually obligated to protect your data and use it only for the specific purposes we authorize.

4.2 Legal Requirements

We may disclose your personal data when required by law, court order, or government regulation, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity, subject to the same privacy protections outlined in this policy.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using SSL/TLS protocols
  • Secure storage systems with access controls
  • Regular security assessments and updates
  • Staff training on data protection practices
  • Confidentiality agreements with employees and contractors

While we strive to protect your personal data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but commit to investigating any reported security incidents promptly.

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. Specific retention periods include:

  • Inquiry and contact information: retained for 24 months from last contact
  • Client engagement records: retained for 7 years following project completion for regulatory compliance
  • Marketing communications: retained until you withdraw consent or unsubscribe
  • Website analytics data: aggregated and anonymized after 26 months

After the retention period expires, we securely delete or anonymize your personal data.

7. Your Data Protection Rights

Under Singapore's PDPA and other applicable data protection laws, you have the following rights:

7.1 Right to Access

You have the right to request access to the personal data we hold about you and obtain information about how we process it.

7.2 Right to Correction

You have the right to request correction of inaccurate or incomplete personal data we hold about you.

7.3 Right to Withdraw Consent

Where we process your data based on consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before withdrawal.

7.4 Right to Data Portability

You have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format.

7.5 Right to Object

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

7.6 Exercising Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

8. International Data Transfers

Your personal data is primarily stored and processed in Singapore. If we transfer your data outside Singapore, we ensure appropriate safeguards are in place to protect your data in accordance with PDPA requirements, including using standard contractual clauses or ensuring the recipient country has adequate data protection laws.

9. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from children. If you become aware that a child has provided us with personal data, please contact us, and we will take steps to delete such information.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on our website with a new "Last Updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

12. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

keystone adva

6 Raffles Quay, #11-07

Singapore 048580

Email: [email protected]

Phone: +65 6481 9372

13. Complaints

If you believe we have not handled your personal data in accordance with this Privacy Policy or applicable data protection laws, you have the right to lodge a complaint with the Personal Data Protection Commission (PDPC) of Singapore.