Privacy Policy

1. Who We Are

Permata is a financial education provider registered in Singapore. Our registered address is 132 Telok Ayer Street, #08-03, Singapore 068601. When this policy refers to "Permata", "we", "us" or "our", it means this entity.

We are the data controller for personal data collected through this website and through our educational programmes.

2. What We Collect

We collect only the personal data we need to run our programmes and respond to your enquiries. This includes:

• Your name and email address, provided when you complete our enquiry form or write to us directly
• Your telephone number, if you choose to provide it
• Your general financial situation or learning goals, shared voluntarily in your enquiry message
• Programme enrolment details, including your payment records
• Your responses to programme materials and discussion questions, where these are submitted online
• Technical data collected automatically when you visit our website — including your IP address, browser type, device type, pages visited, and the time and duration of your visit (see Section 8 on Cookies)

We do not collect sensitive personal data such as national identity numbers, financial account details, health records, or any data about minors.

3. How We Collect It

We collect personal data through the following channels:

• The enquiry form on this website
• Direct email correspondence to [email protected]
• Telephone calls to +65 6873 4520
• Programme registration and payment processes
• Online discussion sessions, where participation is voluntary
• Automatic technical collection via cookies and web analytics tools (see Section 8)

4. Why We Use It

We use your personal data for the following purposes:

To respond to your enquiry

When you write to us, we use your name and contact details to reply and, where appropriate, suggest which programme may suit your situation. This processing is necessary to take steps at your request before entering a contract, as provided under the PDPA.

To deliver our programmes

If you enrol in one of our courses, we use your contact details and enrolment records to send you materials, session links, and administrative communications. This processing is necessary for the performance of our contract with you.

To improve our programmes

We may use anonymised or aggregated feedback from participants to improve our course materials. No individual is identifiable from this analysis.

To comply with legal obligations

We retain certain records, including payment records, for as long as required by Singapore law.

Marketing communications

We will only send you information about future programmes or events if you have expressed an interest in receiving such communications. You may withdraw this consent at any time by writing to us at [email protected].

5. Who We Share It With

We do not sell, rent, or trade your personal data. We share it only in the following limited circumstances:

• Service providers: We use a small number of third-party tools — including a payment processor and a video conferencing platform — that may process your data on our behalf. These providers are contractually required to handle your data securely and only for the purpose of providing their service to us.
• Analytics: We use web analytics tools (such as Google Analytics) to understand how visitors use our website. Data shared with these tools is subject to anonymisation and the privacy policies of those providers.
• Legal requirements: We may disclose your data if required to do so by law or in response to a valid request from a government authority.

All third-party providers we use are required to maintain reasonable security standards. We do not transfer your personal data outside Singapore except where we have satisfied ourselves that an adequate level of protection applies.

6. How Long We Keep It

We keep your personal data only for as long as is necessary for the purposes described in this policy:

• Enquiry data (name, email, message) — retained for up to 24 months from the date of last contact, unless you become a programme participant
• Programme participant records — retained for five years from the date your last programme concludes, in line with general commercial record-keeping practice
• Payment records — retained for seven years as required by Singapore tax and accounting regulations
• Technical log data — retained for up to 12 months, after which it is aggregated or deleted

When data is no longer needed, we delete it or anonymise it so it can no longer be linked to you.

7. Your Rights

Under the Personal Data Protection Act 2012, you have the right to:

• Access — request a copy of the personal data we hold about you
• Correction — request that we correct any inaccurate or incomplete data
• Withdrawal of consent — withdraw any consent you have given for us to use your data for marketing or optional communications
• Data portability — in certain circumstances, request that we provide your data in a portable format

To exercise any of these rights, please write to our Data Protection Officer at the address listed in Section 12. We will respond within 30 calendar days. We may ask you to verify your identity before we can act on your request.

If you believe your personal data has been handled improperly, you may also contact the Personal Data Protection Commission at www.pdpc.gov.sg.

8. Cookies

Our website uses cookies — small text files stored on your device — to help us understand how visitors use the site and to remember your preferences. We use the following categories:

• Essential cookies: These are necessary for the website to function. They include session management and security cookies. They cannot be switched off.
• Analytics cookies: These help us understand which pages are visited most often, how long visitors spend on the site, and where they came from. This helps us improve the site over time. These cookies are only placed with your consent.
• Marketing cookies: These may be used to understand how visitors reached us (for example, through an advertisement). These cookies are only placed with your consent.

When you first visit our website, you will be asked to indicate your preferences. You can change your preferences at any time by clearing your browser's cookies and revisiting the site. For full details on the specific cookies we use, please see our Cookie Policy.

9. Security

We take reasonable technical and organisational measures to protect your personal data against loss, misuse, and unauthorised access. These measures include secure transmission protocols (HTTPS), access controls limiting who within our small team can view personal data, and regular review of our data handling procedures.

No transmission over the internet is entirely without risk. If you have reason to believe that your personal data has been compromised, please contact us immediately at [email protected].

10. Children

Our programmes are designed for adults aged forty and above. We do not knowingly collect personal data from individuals under the age of eighteen. If you believe a minor has submitted data to us, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or in applicable law. When we make changes, we will update the "Last updated" date at the top of this page. If the changes are significant, we will notify active programme participants by email.

We encourage you to review this policy periodically.

12. Contact & Data Protection Officer

If you have any questions about this policy, or if you wish to exercise your rights under the PDPA, please contact our Data Protection Officer: