Privacy Policy
Last updated: 2 July 2026 · Effective: 2 July 2026
This Privacy Policy describes how Pulse Vertex Pte. Ltd. ("Pulse Vertex", "we", "us" or "our") collects, uses, discloses and protects personal data when you visit pulsevertex.pro, submit enquiries, engage our marketing services or otherwise interact with us. We are committed to handling personal data responsibly in accordance with the Personal Data Protection Act 2012 of Singapore ("PDPA") and applicable subsidiary legislation.
1. Data controller
Pulse Vertex Pte. Ltd. is the organisation responsible for personal data described in this policy.
- UEN: 202529481N
- Address: 168 Robinson Road, #20-01 Capital Tower, Singapore 068912
- Email: [email protected]
- Telephone: +65 6224 7204
2. Scope
This policy applies to personal data we process in connection with our website, contact forms, pulse review sessions, client engagements, billing, vendor relationships and marketing communications. It does not apply to third-party websites linked from our site, nor to personal data processed solely on behalf of clients within their own ad accounts — though we address processor-like activities in client contracts where relevant.
3. Personal data we collect
3.1 Information you provide
When you complete our contact form, email us, call our office or meet us at the Pulse Deck studio, we may collect:
- Identity and contact details: name, job title, company name, email address, telephone number, postal address
- Enquiry content: subject selection, message body, project requirements, budget indications and channel information you choose to share
- Consent records: timestamps and method of PDPA consent provided via checkbox on forms
- Meeting notes and correspondence arising from pulse reviews or proposals
3.2 Client engagement data
If you become a client, we additionally process billing contacts, contract signatories, platform access credentials (stored securely and rotated per policy), campaign performance data, creative assets you supply and reporting recipients you nominate. Campaign data may include aggregated or pseudonymous audience metrics from advertising platforms — not typically direct identifiers unless you provide customer lists for matched audiences with appropriate legal basis.
3.3 Automatically collected data
When you browse pulsevertex.pro, our servers and — with your consent — analytics tools may collect:
- Device and browser type, operating system, screen resolution
- IP address (which may be truncated or anonymised in analytics configuration)
- Pages viewed, referral source, session duration and click paths
- Cookie identifiers as described in our Cookie Policy
4. Purposes and legal bases
We collect and use personal data for legitimate business purposes including:
- Responding to enquiries: to read, assess and reply to contact form submissions and emails you initiate.
- Delivering services: to perform marketing strategy, media management, creative production, CRO and reporting under contract.
- Contract administration: invoicing, payment follow-up, account management and dispute resolution in SGD or agreed currency.
- Legal compliance: record-keeping required by Singapore law, tax regulations and regulatory requests we are obliged to honour.
- Website security and improvement: detecting abuse, maintaining uptime and — with consent — understanding aggregate usage patterns to improve content.
- Marketing communications: sending service updates or event invitations where you have opted in or where permitted as an existing client relationship communication.
Under the PDPA, we rely primarily on consent (explicit checkbox for enquiries), contractual necessity for client delivery and legitimate interests for security and internal operations — balanced against your rights and reasonable expectations.
5. Disclosure to third parties
We do not sell personal data. We may share data with:
- Service providers: hosting providers, email delivery, CRM, project management, analytics (when consented), accounting and IT support — bound by confidentiality and data processing terms.
- Advertising platforms: when managing your campaigns, data is uploaded or synced per platform terms and your instructions — e.g. customer match lists you authorise.
- Professional advisers: lawyers, auditors or insurers under duty of confidentiality.
- Authorities: where required by court order, statute or to protect rights, safety and property.
Some providers may process data outside Singapore. Where we transfer personal data overseas, we take steps reasonably required under the PDPA to ensure comparable protection, including contractual clauses where applicable.
6. Retention
We retain personal data only as long as necessary for the purposes collected:
- Enquiry records: up to twenty-four months from last contact unless a client relationship begins.
- Client project files: duration of engagement plus seven years for legal and tax record requirements.
- Cookie consent choices: six months in browser local storage, as stated in our cookie banner.
- Server logs: typically ninety days unless needed for security investigation.
When retention expires, we delete or anonymise data in a manner that prevents re-identification where feasible.
7. Security
We implement administrative, technical and physical safeguards appropriate to the sensitivity of data we hold — including access controls on staff accounts, encrypted transport (HTTPS) for the website, restricted office access at Capital Tower and vendor due diligence. No method of transmission or storage is completely secure; we cannot guarantee absolute security but we respond to incidents in line with PDPA notification expectations where required.
8. Your rights under the PDPA
Subject to exceptions in the PDPA, you may:
- Request access to personal data we hold about you
- Request correction of inaccurate or incomplete data
- Withdraw consent for processing that relies on consent — without affecting lawfulness of prior processing
- Request information about how your data has been used or disclosed within the past year
Submit requests to [email protected] with sufficient detail to verify identity. We respond within thirty days in most cases. A reasonable fee may apply for manifestly unfounded or excessive access requests as permitted by law.
9. Children
Our services and website are directed at business professionals. We do not knowingly collect personal data from individuals under eighteen without parental or guardian consent. Contact us if you believe we have inadvertently collected such data.
10. Do Not Track
Our site does not respond to Do Not Track browser signals in a uniform way. You may manage cookies via our banner and browser settings as described in the Cookie Policy.
11. Changes to this policy
We may update this Privacy Policy to reflect legal, technical or business changes. The "Last updated" date at the top will change accordingly. Material changes may be highlighted on the website or communicated to active clients where appropriate.
12. Contact and complaints
For privacy questions, access requests or consent withdrawal:
Pulse Vertex Pte. Ltd.
168 Robinson Road, #20-01 Capital Tower, Singapore 068912
Email: [email protected]
Phone: +65 6224 7204
If you are unsatisfied with our response, you may contact the Personal Data Protection Commission (PDPC) of Singapore at www.pdpc.gov.sg.
13. Marketing and client campaign data
When we manage advertising on your behalf, platforms such as Google, Meta, LinkedIn and programmatic partners process audience and event data under their own terms. We configure campaigns to minimise unnecessary personal data collection and follow your instructions on customer list uploads. You are responsible for ensuring lawful basis exists for any first-party data you provide for matched audiences or remarketing.
Aggregated performance reports we deliver typically do not include personally identifiable information about your end customers unless you explicitly request user-level exports and such exports are lawful. Raw platform exports are stored in secure project folders with access limited to assigned team members for the duration of the engagement.
When a client engagement ends, we delete or return platform-linked exports per contract offboarding procedures. Backups on secure archive storage may persist for up to ninety days for disaster recovery before automatic purging, unless longer retention is required for legal holds.
14. Data breach notification
In the event of a data breach likely to result in significant harm or affect a significant number of individuals, we will assess notification obligations under the PDPA and notify affected individuals and the PDPC where required. We maintain an internal incident response checklist covering containment, assessment, notification and remediation steps.
15. Data Protection Officer contact
Privacy matters may be directed to our designated data protection contact at [email protected] with the subject line "PDPA — Pulse Vertex". We aim to acknowledge privacy correspondence within five business days and resolve straightforward access or correction requests within thirty days as required by the PDPA.
We review this Privacy Policy at least annually and whenever we introduce new data processing activities — such as additional analytics tools or CRM integrations. Material changes that affect how we use personal data you already provided will be communicated through the website or direct notice where appropriate, giving you an opportunity to withdraw consent where applicable.
Where you connect third-party accounts to our reporting dashboards at your request, we access only the metrics and dimensions needed for agreed deliverables. Disconnect instructions are provided in offboarding documentation, and we remove linked credentials from our password vault when the engagement closes.