Legal
Privacy Policy
Last updated: 14 May 2025
Mutiara Nexus Pte. Ltd. ("we", "us", "our") is committed to handling your personal data responsibly. This policy describes what data we collect, why we collect it, how we use and protect it, and what rights you have under Singapore's Personal Data Protection Act 2012 (PDPA).
If you have questions about anything in this policy, please write to us at [email protected].
1. Who We Are
Mutiara Nexus Pte. Ltd. is the data controller for personal data processed through this website and our services. We are registered in Singapore and operate from 38 Beach Road, #29-11 South Beach Tower, Singapore 189767.
2. What Personal Data We Collect
We collect only the data needed to deliver our services and communicate with you effectively:
- Contact data: name, email address, phone number (when provided)
- Business data: business name, role, and brief description of your situation (shared during a consultation or through our contact form)
- Website usage data: pages visited, time spent, device type — collected via analytics cookies only if you have consented
- Communication records: email and message content exchanged with our team
We do not collect sensitive personal data, payment card numbers, or national identification numbers.
3. How and Why We Collect Your Data
3.1 Contact form submissions
When you submit our contact form, we collect your name, email, and any message you provide. This data is used to respond to your enquiry and, where relevant, to schedule a consultation. The legal basis is your consent at the point of submission.
3.2 Service delivery
If you engage our services, we collect and process data necessary to conduct the engagement — including business information shared during consultations and written summaries. The legal basis is the performance of our service agreement with you.
3.3 Analytics
With your consent, we use analytics tools to understand how visitors use our website. This data is aggregated and used solely to improve the site. You can withdraw consent at any time through our cookie settings.
3.4 Legitimate interests
We may process certain data on the basis of legitimate interests — for example, maintaining records of past enquiries to provide consistent service, or monitoring website security.
4. Data Retention
We retain personal data for as long as is necessary for the purpose it was collected:
- Contact form enquiries that do not lead to an engagement: 12 months
- Client engagement records: 5 years from the end of the engagement (for legal and accounting purposes)
- Analytics data: 26 months (standard analytics retention period)
- Email communications: as long as the relationship is active, and up to 2 years after the last contact
5. How We Use Your Data
We use your personal data to respond to enquiries, deliver and manage our services, send relevant follow-up communications where you have consented, improve our website and services, and comply with our legal and regulatory obligations in Singapore.
We do not sell your personal data. We do not share it with third parties for their own marketing purposes.
6. Data Sharing
We share personal data only where necessary:
- Service providers: We use a small number of trusted providers for email delivery, cloud storage, and website analytics. These providers are contractually bound to process data only on our instruction and to maintain appropriate security.
- Legal requirements: We may disclose data where required by Singapore law, a court order, or a regulatory authority.
- Business transfer: In the event of a merger or acquisition, personal data may be transferred to the successor entity under the same terms as this policy.
7. Data Protection Measures
We take practical steps to protect your data, including encrypted storage and transmission (TLS), access restricted to team members with a direct need, regular review of third-party provider security practices, and a documented process for handling data incidents. If a breach is likely to have a significant impact on your data, we will notify you and the Personal Data Protection Commission (PDPC) within the timeframes required under the PDPA.
8. Cookies
We use cookies to operate certain site functions (always on) and to collect analytics data (only with your consent). For a full explanation, please see our Cookie Policy.
9. Your Rights Under the PDPA
Singapore's Personal Data Protection Act gives you the right to:
- Request access to the personal data we hold about you
- Request correction of inaccurate or incomplete data
- Withdraw consent to processing at any time (without affecting the lawfulness of processing before withdrawal)
- Request that we cease processing your data in certain circumstances
- Lodge a complaint with the Personal Data Protection Commission if you believe your rights have not been respected
To exercise any of these rights, write to us at [email protected]. We will respond within 30 days.
10. Third-Party Links
Our website may link to external sites. We are not responsible for the privacy practices of those sites and encourage you to read their policies before sharing any personal data with them.
11. Children's Privacy
Our services are directed at businesses and are not intended for individuals under 18 years of age. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us and we will delete it promptly.
12. Changes to This Policy
We may update this policy from time to time. The revised version will be posted on this page with an updated date at the top. Continued use of our website or services after a change constitutes acceptance of the updated policy.
13. Contact
For any data-related questions or requests:
Mutiara Nexus Pte. Ltd.
38 Beach Road, #29-11 South Beach Tower
Singapore 189767
Email: [email protected]
Phone: +65 6184 7536
For complaints that are not resolved to your satisfaction, you may contact the Personal Data Protection Commission at pdpc.gov.sg.