Privacy Policy
This notice explains how ClientBase collects, uses, and protects your personal data in accordance with Singapore's Personal Data Protection Act 2012.
I Privacy Notice (Website)
This Data Protection Notice ("Notice") sets out the manner in which Clientbase Pte. Ltd. ("Clientbase", "we", "us", or "our") collects, uses, discloses, and otherwise processes personal data, in compliance with the Personal Data Protection Act 2012 ("PDPA").
This Notice applies to all personal data in our possession or under our control, including personal data entrusted to third-party organisations acting on our behalf.
II Organisation Overview
ClientBase is dedicated to enabling professional firms to overcome growth barriers by scaling value rather than output. Guided by our "escalator framework", we redefine how firms operate by optimising processes, empowering talent, and leveraging technology for sustainable growth.
Through our five pillars — Services, Talent, Grid, Growth, and our Unified Platform — we work alongside clients to transform reactive, output-driven practices into proactive, value-driven organisations.
III Scope and Application
This Notice applies to:
- Visitors to our website or software platforms
- Individuals who engage us for services
- Representatives of clients, vendors, and partners
By accessing our website, submitting information, or otherwise interacting with us, you acknowledge and consent to the collection, use, disclosure, and processing of your personal data in accordance with this Notice.
IV Personal Data
For the purposes of this Notice:
- "Customer" refers to any individual who has contacted us to enquire about our services, or who has entered into, or may enter into, a contract with us.
- "Personal Data" refers to any data, whether true or not, about an individual who can be identified from that data alone, or from that data combined with other information.
Examples of personal data we may collect include, but are not limited to:
- Customers / Clients: name, job title, company details, email address, telephone number
- Vendors / Partners: contact person details, company registration information, payment records
- Website Users: information voluntarily submitted through forms, technical identifiers such as IP addresses, browser type, or usage activity
V Collection, Use and Disclosure of Personal Data
We generally do not collect personal data unless it has been voluntarily provided by you (or your authorised representative) after notification of the purposes and with your consent, or the collection, use, or disclosure is otherwise permitted or required under the PDPA or applicable laws.
Clientbase may collect, use, and disclose personal data for the following purposes:
- Responding to, handling, and managing queries, feedback, or complaints
- Managing relationships with clients, vendors, and employees
- Facilitating service provisions and operational support
- Supporting business continuity, audits, and regulatory compliance
- Providing updates and communications where consent has been obtained
- Facilitating mergers, acquisitions, or corporate restructuring
- Any other purpose for which you have provided consent, or which is permitted by law
Disclosure of personal data may be made to third parties (in Singapore or overseas) including service providers supporting IT, HR, compliance, or operational functions; regulatory bodies, auditors, and government authorities; and cloud vendors or technology partners engaged to host, process, or secure data on our behalf.
VI Legitimate Interests Exception
In compliance with the PDPA, ClientBase may collect, use, or disclose personal data without consent where it is in our legitimate interests or those of another party, provided such interests outweigh any adverse effect on the individual.
Such processing may include:
- Detection and prevention of fraud or misuse of our systems
- Monitoring of IT systems for security and continuity
- Investigation of breaches or incidents
- Use of work-related data on company-issued devices to prevent data loss
VII Your Rights
You may exercise the following rights in accordance with the PDPA:
- Request access to personal data held about you
- Request correction of inaccuracies or incomplete information
- Withdraw consent previously provided (subject to legal or contractual restrictions)
- Request information on the use and disclosure of your data in the preceding year
We may charge a reasonable fee for access requests. All requests will be addressed within statutory timelines.
VIII Protection of Personal Data
Clientbase employs reasonable administrative, physical, and technical safeguards to protect personal data, including:
- Secure storage on managed platforms (e.g. Google Workspace, AWS, BrioHR, Xano)
- Encryption of files in storage and transmission
- Regular patching and antivirus updates
- Data anonymisation where appropriate
- Review of access logs and periodic security audits
IX Retention of Personal Data
Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. When retention is no longer necessary, data will be securely deleted, anonymised, or otherwise disposed of.
X Cross-Border Transfer
Where personal data is transferred outside Singapore, Clientbase will ensure that the recipient provides a standard of protection comparable to that required under the PDPA, through contractual or legally enforceable means.
XI Data Protection Officer
For any queries, feedback, or requests regarding personal data, you may contact our Data Protection Officer ("DPO"):
XII Updates to This Notice
This Notice may be amended from time to time without prior notice. Updates will be published on our website, with the effective date revised accordingly.
Your continued use of our website or services constitutes your acknowledgement and acceptance of such updates.
