Privacy Policy

Introduction

Prism Ledger is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you engage our advisory services or visit our website. We comply with the Personal Data Protection Act 2012 (PDPA) of Singapore and maintain high standards for data protection.

By engaging our services or using our website, you consent to the data practices described in this policy. Please read this Privacy Policy carefully to understand our views and practices regarding your personal data.

Information We Collect

Personal Information

We collect personal information that you provide directly to us when engaging our advisory services, including:

• Contact information such as name, email address, phone number, and mailing address
• Financial information including portfolio details, investment objectives, risk tolerance, and financial circumstances
• Identification information required for regulatory compliance and service delivery
• Communication preferences and service history
• Any other information you choose to provide during consultations or communications

Usage Data

When you visit our website, we may automatically collect certain information about your device and interaction with our site, including:

• Browser type and version
• Operating system
• IP address and general location information
• Pages visited and time spent on pages
• Referral source and exit pages

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. For detailed information about our use of cookies, please refer to our Cookie Policy.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

• Consent: You have given explicit consent for us to process your personal information for specific purposes
• Contract Fulfillment: Processing is necessary for the performance of advisory services you have engaged
• Legitimate Interest: Processing is necessary for our legitimate business interests while ensuring appropriate protections for your data
• Legal Obligation: Processing is required to comply with applicable laws and regulations in Singapore

How We Use Your Information

We use the information we collect for the following purposes:

• Providing digital asset advisory services including education, planning, and strategic review
• Communicating with you regarding service delivery, consultations, and inquiries
• Analyzing your financial circumstances to develop appropriate recommendations
• Maintaining records of our advisory relationship as required by professional standards
• Improving our services through feedback analysis and quality assessment
• Complying with legal obligations and regulatory requirements
• Protecting against fraud, unauthorized access, or other security concerns
• Sending periodic updates about services, regulatory developments, or market insights (with your consent)

Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specific retention periods include:

• Advisory records and client files: 7 years following completion of services, in accordance with professional standards
• Communication records: Duration of client relationship plus 3 years
• Financial analysis and recommendations: 7 years from date of service delivery
• Marketing consent records: Until consent is withdrawn
• Website usage data: 24 months from collection

When personal information is no longer required, we securely delete or anonymize it in accordance with our data retention and disposal procedures.

Data Protection and Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, disclosure, alteration, or destruction. Our security measures include:

• Encryption of sensitive data during transmission and storage
• Secure access controls limiting information access to authorized personnel only
• Regular security assessments and updates to our systems
• Employee training on data protection and confidentiality requirements
• Secure disposal procedures for physical and electronic records
• Incident response procedures to address potential data breaches

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but maintain rigorous standards to minimize risk.

Your Rights and Choices

Under Singapore's PDPA, you have the following rights regarding your personal data:

• Right to Access: Request copies of your personal information we hold
• Right to Correction: Request correction of inaccurate or incomplete personal information
• Right to Withdraw Consent: Withdraw previously given consent for data processing (subject to legal and contractual restrictions)
• Right to Restrict Processing: Request limitation of how we use your personal information in certain circumstances
• Right to Data Portability: Receive personal information you provided in a structured, commonly used format
• Right to Object: Object to processing based on legitimate interests or for marketing purposes

To exercise these rights, please contact us at [email protected]. We will respond to your request within 30 days as required by applicable law.

Third-Party Service Providers

We may share your personal information with third-party service providers who assist in delivering our services or operating our business. These providers include:

• Cloud storage and data management services
• Communication and collaboration tools
• Analytics providers to understand website usage
• Professional advisors including legal counsel and accountants
• Technology service providers for system maintenance and security

All third-party service providers are contractually required to:

• Process personal information only for specified purposes
• Implement appropriate security measures
• Maintain confidentiality of client information
• Comply with applicable data protection laws

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

International Data Transfers

Your personal information is primarily stored and processed in Singapore. In limited circumstances, we may transfer personal information to service providers located outside Singapore. When such transfers occur, we ensure appropriate safeguards are in place, including:

• Standard contractual clauses approved by data protection authorities
• Transfers to jurisdictions with adequate data protection standards
• Additional security measures appropriate to the sensitivity of the data

We obtain your consent before transferring personal information internationally where required by law.

Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that we have collected personal information from a minor without appropriate parental consent, we will take steps to delete such information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Notify active clients via email about significant changes
• Post a notice on our website highlighting the updates

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Continued use of our services after changes indicates acceptance of the updated policy.

Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

We aim to respond to all privacy-related inquiries within 30 days of receipt.