Privacy Policy

1. Introduction

Aethonix is committed to protecting the privacy and security of personal data entrusted to us by clients, website visitors, and other individuals. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information in accordance with Singapore's Personal Data Protection Act 2012 (PDPA) and international data protection principles.

By using our website or engaging our services, you acknowledge that you have read and understood this Privacy Policy. If you have questions or concerns about our privacy practices, please contact us at [email protected].

2. Information We Collect

2.1 Information You Provide

We collect personal data that you voluntarily provide when you contact us, request information about our services, or engage us for consulting work. This may include your name, email address, phone number, job title, company name, and any information included in messages you send to us.

2.2 Information Collected Automatically

When you visit our website, we may automatically collect certain information about your device and browsing behaviour through cookies and similar technologies. This includes IP address, browser type, operating system, referring URLs, pages visited, and time spent on our site. For details on how we use cookies, please see our Cookie Policy.

2.3 Client Project Data

During consulting engagements, we may process client data as necessary to deliver our services. This data handling is governed by separate agreements with clients and is subject to strict confidentiality and security protocols appropriate to the sensitivity of the information.

3. How We Use Your Information

3.1 Service Delivery

We use your personal data primarily to respond to inquiries, provide information about our services, and deliver consulting engagements. This includes communication about project details, scheduling, documentation, and billing.

3.2 Business Operations

Personal information may be used for legitimate business purposes including maintaining client relationships, improving our services, conducting internal analysis, and ensuring compliance with legal and contractual obligations.

3.3 Communications

With your consent, we may send information about our services, industry insights, or updates that we believe may interest you. You can opt out of such communications at any time by contacting us or following unsubscribe instructions in emails.

3.4 Legal Basis for Processing

Our legal bases for processing personal data include: consent you provide, necessity for contract performance, compliance with legal obligations, and legitimate business interests that do not override your privacy rights.

4. Data Sharing and Disclosure

4.1 Third-Party Service Providers

We may share personal data with carefully selected service providers who assist with business operations such as website hosting, email delivery, analytics, or payment processing. These providers are contractually required to protect your data and use it only for specified purposes.

4.2 Legal Requirements

We may disclose personal information when required by law, court order, or governmental request, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the acquiring entity, subject to the same privacy protections described in this policy.

4.4 No Sale of Personal Data

We do not sell, rent, or trade personal information to third parties for their marketing purposes.

5. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest where appropriate
• Access controls limiting data access to authorised personnel only
• Regular security assessments and updates to our systems
• Employee training on data protection and confidentiality
• Secure disposal of data when no longer needed

While we strive to protect your personal data, no method of transmission or storage is completely secure. We cannot guarantee absolute security but commit to promptly addressing any security incidents.

6. Data Retention

We retain personal data for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods include:

• Inquiry data: Retained for up to 2 years after last contact
• Client engagement data: Retained for 7 years after project completion for professional records and compliance
• Marketing communications data: Retained until you opt out or we determine the data is no longer relevant
• Website analytics data: Aggregated and anonymised after 26 months

When personal data is no longer required, we securely delete or anonymise it in accordance with our data retention procedures.

7. Your Rights

Under applicable data protection laws, you have the following rights regarding your personal data:

7.1 Access and Correction

You have the right to request access to personal data we hold about you and to request correction of inaccurate or incomplete information.

7.2 Withdrawal of Consent

Where we process your data based on consent, you may withdraw that consent at any time. This will not affect the lawfulness of processing conducted prior to withdrawal.

7.3 Deletion

You may request deletion of your personal data, subject to our legal and contractual obligations to retain certain information.

7.4 Portability

You have the right to request a copy of your personal data in a structured, commonly used format for transfer to another service provider.

7.5 Objection

You may object to processing of your personal data for direct marketing purposes or where processing is based on legitimate interests.

To exercise these rights, please contact us at [email protected]. We will respond to requests within the timeframes required by applicable law.

8. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance user experience, analyse website traffic, and understand visitor behaviour. You can control cookie preferences through your browser settings or our cookie consent mechanism. For detailed information about our cookie practices, please see our Cookie Policy.

9. International Data Transfers

While we primarily operate in Singapore, some of our service providers may be located in other jurisdictions. When personal data is transferred outside Singapore, we ensure appropriate safeguards are in place to protect your information in accordance with applicable data protection laws. These safeguards may include contractual clauses, adequacy decisions, or other approved transfer mechanisms.

10. Children's Privacy

Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from minors. If we become aware that we have collected data from someone under 18, we will take steps to delete that information promptly.

11. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this policy. Significant changes will be communicated through our website or direct notification where appropriate. We encourage you to review this policy regularly to stay informed about how we protect your information.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

14. Complaints

If you believe we have not handled your personal data in accordance with this policy or applicable data protection laws, you have the right to lodge a complaint with the Personal Data Protection Commission of Singapore or the relevant supervisory authority in your jurisdiction.