Privacy Policy
Last Updated: 15 February 2026 | Effective Date: 15 February 2026
1. Introduction
Banyan Advisory Pte. Ltd. ("Banyan Advisory", "we", "us", or "our") is committed to handling personal data responsibly. This Privacy Policy describes how we collect, use, disclose, and safeguard personal information you provide to us, or that we obtain in the course of our business relationship.
We operate under Singapore's Personal Data Protection Act 2012 (PDPA) and observe its requirements for the collection, use, disclosure, and care of personal data.
This policy applies to personal data collected through our website at banyanadv.biz, through direct correspondence, and through the delivery of our advisory services. By engaging with us or submitting information through our website, you acknowledge the practices described here.
2. Data We Collect
We collect personal data only when it is reasonably necessary for our advisory activities. The types of data we may collect include:
Information You Provide Directly
- Full name and professional title
- Business email address and telephone number
- Company name and registered address
- Transaction details and matter descriptions you share during enquiries
- Correspondence content from emails, forms, or meetings
Information Collected Automatically
- IP address and device type
- Browser type and operating system
- Pages visited, time spent, and referral source
- Cookie-derived analytics data (where consent is given)
Legal Basis for Processing
- Consent — for marketing communications and optional analytics
- Contract performance — for delivering advisory services
- Legitimate interests — for service improvement and security monitoring
- Legal obligation — for regulatory compliance and record-keeping
Data Retention: Client engagement records are retained for a minimum of 7 years following matter closure, in accordance with professional obligations. Website enquiry data is held for 24 months unless a client relationship is established.
3. How We Use Your Data
We use personal data solely for purposes that a reasonable person would consider appropriate given the circumstances of collection. Primary uses include:
- Responding to enquiries and providing requested advisory services
- Preparing and managing client engagement letters and documentation
- Fulfilling regulatory and professional conduct obligations
- Maintaining accurate internal records of client matters
- Improving our website and service delivery processes
- Sending service-related communications (updates to engagement scope, billing notices)
Marketing Communications
We may occasionally share industry insights or information about our services via email. These communications are only sent where you have provided consent or where a prior professional relationship exists. You may withdraw from such communications at any time by contacting us at [email protected].
Data Sharing
We do not sell personal data. We may share information with professional associates, co-advisors, and service providers who assist us in delivering engagements, subject to confidentiality obligations. We may also disclose data where required by law or a regulatory authority.
4. Data Protection Measures
We take data security seriously. Measures we have in place include:
- Encrypted transmission via TLS/HTTPS for all website interactions
- Access controls restricting personal data to personnel with a legitimate need
- Regular review of data handling practices and access logs
- Secure document storage for client matter files
- Staff obligations of confidentiality as a condition of engagement
In the unlikely event of a data breach affecting your personal data, we will notify affected individuals and the Personal Data Protection Commission (PDPC) in accordance with the PDPA's Mandatory Data Breach Notification obligations.
6. Third-Party Services & Links
Our website may use the following third-party services, each subject to their own privacy terms:
- Google Analytics — website usage analysis
- Google Maps — embedded location display
- Font providers (Google Fonts, Cloudflare CDN) — typographic assets
Our website may contain links to external sites. We are not responsible for the privacy practices of those sites and encourage you to review their policies independently.
7. Your Rights
Under Singapore's PDPA, you have the right to:
- Access — request a copy of personal data we hold about you
- Correction — request correction of inaccurate or incomplete data
- Withdrawal of consent — withdraw consent for non-essential data processing, noting this may affect service delivery
- Data portability — receive a copy of your data in a commonly used format where applicable
- Objection — object to certain uses of your data
To exercise any of these rights, please contact our Data Protection Officer at [email protected]. We will respond within 30 days.
If you are dissatisfied with our response, you may lodge a complaint with the Personal Data Protection Commission (PDPC) at www.pdpc.gov.sg.
8. Children's Privacy
Our services are directed at business professionals and organisations. We do not knowingly collect personal data from individuals under the age of 18. If you become aware that a minor has submitted personal data to us, please notify us promptly and we will take steps to remove such information.
9. Policy Updates
We review this policy periodically and may update it to reflect changes in our practices, services, or applicable law. Where material changes are made, we will post a notice on our website with a revised "Last Updated" date.
Continued use of our website or services following notification of changes constitutes acceptance of the revised policy.
10. Contact Our Data Protection Officer
For privacy-related queries, access requests, or concerns, please reach us through the following:
50 Collyer Quay, #09-05, OUE Bayfront
Singapore 049321
Nothing on this website constitutes legal advice. Engagement with Banyan Advisory is subject to a formal engagement letter and applicable terms of service.