Privacy Policy
How SovereignAthletics collects, uses, and protects your personal data in accordance with Singapore law.
Last updated: May 2025 | SovereignAthletics Pte. Ltd. (UEN 201473829F)
This Privacy Policy describes how SovereignAthletics Pte. Ltd. ("SovereignAthletics", "we", "us", or "our") collects, uses, discloses, and protects personal data in accordance with the Personal Data Protection Act 2012 of Singapore ("PDPA") and its subsidiary legislation, including the Personal Data Protection Regulations 2021 and advisory guidelines issued by the Personal Data Protection Commission ("PDPC").
By accessing our website at sovereignathletics.pro, using our services, or submitting personal data to us, you acknowledge that you have read and understood this Privacy Policy.
1. Data Controller
SovereignAthletics Pte. Ltd. is the organisation responsible for the personal data we collect and process.
- Registered address: 71 Ayer Rajah Crescent #07-12, Singapore 139951
- Email: [email protected]
- Phone: +65 6872 4456
- UEN: 201473829F
For data protection enquiries, please contact our Data Protection Officer at [email protected] with the subject line "PDPA Enquiry".
2. Personal Data We Collect
We may collect the following categories of personal data depending on your interaction with us:
2.1 Information You Provide Directly
- Identity data: full name, job title, company name
- Contact data: email address, telephone number, business address
- Enquiry data: solution preferences, consultation dates, team size, budget ranges, messages, and other information submitted through our contact form
- Account data: login credentials and profile information if you register for our governance platforms
- Communication data: records of correspondence, meeting notes, and advisory session materials
- Payment data: billing information and transaction records (processed through secure third-party payment providers)
2.2 Information Collected Automatically
- Technical data: IP address, browser type and version, operating system, device identifiers
- Usage data: pages visited, time spent on pages, referral URLs, click patterns
- Cookie data: essential cookies required for website functionality (see Section 8)
2.3 Information from Third Parties
- Business contact information from publicly available sources or professional networking platforms
- Referral information from existing clients or partners, where consent has been obtained
- Verification data from credit reference or corporate registry agencies where required for due diligence
3. Purposes of Collection, Use, and Disclosure
We collect and use personal data for the following purposes, in accordance with the PDPA:
- To respond to enquiries and provide information about our AI governance solutions and services
- To schedule and conduct consultations, governance briefings, and advisory sessions
- To deliver, administer, and improve our institutional AI governance products and services
- To process payments and manage billing in Singapore Dollars (SGD)
- To communicate service updates, governance notices, and relevant business information
- To comply with legal and regulatory obligations under Singapore law
- To protect our legitimate business interests, including fraud prevention and security
- To conduct internal analytics and service quality improvement
- To enforce our Terms of Service and resolve disputes
We will not use your personal data for purposes incompatible with those stated above without obtaining your consent, unless permitted or required by law.
4. Legal Basis for Processing
Under the PDPA, we rely on the following bases for processing personal data:
- Consent: Where you have voluntarily provided personal data through our contact forms, cookie acceptance, or service agreements
- Contractual necessity: Where processing is necessary to perform our obligations under a contract with you or your organisation
- Legal obligation: Where processing is required to comply with applicable Singapore laws and regulations
- Legitimate interests: Where processing is necessary for our legitimate business interests, provided such interests are not overridden by your data protection rights
5. Disclosure of Personal Data
We may disclose personal data to the following categories of recipients, subject to appropriate safeguards:
- Our employees and contractors who require access to perform their duties
- Cloud infrastructure and technology service providers hosting our governance platforms
- Payment processors and financial institutions for transaction processing
- Professional advisers including legal counsel, auditors, and consultants
- Government authorities, regulators, or law enforcement where required by Singapore law
- Business partners involved in delivering integrated AI governance solutions, under confidentiality agreements
We do not sell your personal data to third parties. Where personal data is transferred outside Singapore, we ensure that the recipient provides a standard of protection comparable to that under the PDPA, in accordance with the PDPA's transfer requirements.
6. Retention of Personal Data
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. Retention periods include:
- Enquiry and contact form data: 3 years from last interaction, unless a business relationship is established
- Client contract and service data: duration of engagement plus 7 years for regulatory compliance
- Financial and payment records: 7 years in accordance with Singapore accounting requirements
- Website usage and technical logs: 12 months
- Cookie consent records: 12 months from date of consent
Upon expiry of the retention period, personal data will be securely destroyed or anonymised.
7. Your Rights Under the PDPA
As an individual, you have the following rights regarding your personal data:
- Right of access: Request access to personal data we hold about you and information about how it has been used or disclosed within the past year
- Right of correction: Request correction of inaccurate or incomplete personal data
- Right to withdraw consent: Withdraw consent for the collection, use, or disclosure of your personal data, subject to legal and contractual restrictions
- Right to data portability: Request a copy of your personal data in a commonly used machine-readable format, where technically feasible
- Right to complain: Lodge a complaint with the Personal Data Protection Commission if you believe your data protection rights have been violated
To exercise any of these rights, please submit a written request to [email protected]. We will respond within 30 days, or inform you of any extension in accordance with PDPA requirements. A reasonable fee may be charged for access requests as permitted under the PDPA.
8. Cookies and Similar Technologies
Our website uses essential cookies necessary for basic functionality, including remembering your cookie consent preference via localStorage. We do not use third-party advertising or tracking cookies.
When you first visit our website, a cookie consent banner is displayed. By clicking "Accept", you consent to the use of essential cookies. Your preference is stored locally in your browser and will not be requested again unless you clear your browser storage.
You may configure your browser to refuse cookies; however, this may affect website functionality.
9. Security Measures
We implement appropriate administrative, technical, and physical safeguards to protect personal data against unauthorised access, collection, use, disclosure, copying, modification, disposal, or similar risks. These measures include:
- Encryption of data in transit using TLS/SSL protocols
- Access controls and role-based permissions for employees
- Regular security assessments and vulnerability testing
- Secure data centres with physical access controls
- Incident response procedures for data breaches
- Staff training on data protection obligations
In the event of a data breach that is likely to result in significant harm or affect a significant number of individuals, we will notify the PDPC and affected individuals in accordance with the PDPA's data breach notification requirements.
10. AI Processing and Automated Decision-Making
As an institutional AI governance provider, SovereignAthletics may process personal data through artificial intelligence systems as part of our service delivery. Where automated decision-making significantly affects individuals, we ensure:
- Transparency about the logic involved and potential consequences
- Human oversight and review mechanisms
- Opportunities for individuals to request human intervention or challenge automated decisions
- Compliance with the PDPC's Advisory Guidelines on Key Concepts in the PDPA regarding automated decision-making
11. Children's Personal Data
Our services are directed at business professionals and institutions. We do not knowingly collect personal data from individuals under 18 years of age. If we become aware that personal data of a minor has been collected, we will take steps to delete such data promptly.
12. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those websites. We encourage you to review the privacy policies of any third-party sites you visit.
13. Do Not Call Registry
We comply with the Do Not Call Provisions under the PDPA. If you have registered your Singapore telephone number with the Do Not Call Registry, we will not send marketing messages to that number unless you have provided clear and unambiguous consent or an ongoing business relationship exemption applies.
14. Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Material changes will be communicated through our website or direct notification where appropriate. The "Last updated" date at the top of this page indicates when the policy was most recently revised.
We encourage you to review this Privacy Policy periodically. Continued use of our website or services after changes constitutes acceptance of the updated policy.
15. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact:
- Data Protection Officer
- SovereignAthletics Pte. Ltd.
- 71 Ayer Rajah Crescent #07-12, Singapore 139951
- Email: [email protected]
- Phone: +65 6872 4456
You may also contact the Personal Data Protection Commission:
- Website: www.pdpc.gov.sg
- Phone: +65 6377 3131