Privacy Policy

Last Updated: March 22, 2026

1. Information We Collect

We may collect the following types of personal data:

1.1 Information You Provide Directly

• Contact information: Name, email address, phone number, company name, job title.
• Inquiry details: Messages submitted through our contact form, including the nature of your inquiry and service interests.
• Business information: Company details, billing addresses, tax identification numbers provided during service engagements.
• Communication records: Emails, chat logs, and other correspondence between you and Novyra Group.

1.2 Information Collected Automatically

• Device information: Browser type, operating system, device type, screen resolution.
• Usage data: Pages visited, time spent on pages, click patterns, referral sources.
• Network information: IP address, approximate geographic location (city/country level).
• Cookies and similar technologies: Session identifiers, preference cookies, and analytics cookies (see Section 7).

1.3 Information from Third Parties

• Business contact information from publicly available sources or professional networks.
• Referral information from existing clients or business partners.
• Information from analytics and advertising partners.

2. How We Use Your Information

We use collected personal data for the following purposes:

• Service delivery: To provide, manage, and support the technology services you've engaged us for.
• Communication: To respond to your inquiries, send service updates, and provide technical support.
• Business operations: To process invoices, manage contracts, and maintain client records.
• Website improvement: To analyse website usage patterns and improve our digital experience.
• Marketing: To send relevant industry insights, service updates, and promotional materials (with your consent).
• Security: To detect, prevent, and respond to security incidents and fraudulent activity.
• Legal compliance: To comply with applicable laws, regulations, and legal processes.

3. Legal Basis for Processing

We process your personal data based on one or more of the following legal grounds:

• Consent: Where you have given explicit consent for specific processing activities (e.g., marketing communications).
• Contractual necessity: Where processing is necessary to perform our obligations under a service agreement.
• Legitimate interests: Where processing is necessary for our legitimate business interests, such as improving our services and ensuring security.
• Legal obligation: Where processing is required to comply with applicable laws and regulations.

4. Data Sharing and Disclosure

We do not sell your personal data. We may share your information with:

• Service providers: Trusted third-party vendors who assist in delivering our services (e.g., cloud hosting providers, payment processors, analytics platforms). These providers are bound by data processing agreements and confidentiality obligations.
• Professional advisors: Legal, accounting, and audit professionals as necessary for business operations.
• Business transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred as part of the business transaction.
• Legal requirements: When required by law, court order, or government regulation, or to protect the rights, property, or safety of Novyra Group, our clients, or others.

5. International Data Transfers

As a Singapore-based company serving international clients, your personal data may be transferred to and processed in countries outside of Singapore. When we transfer data internationally, we implement appropriate safeguards, including:

• Standard contractual clauses approved by relevant data protection authorities.
• Data processing agreements with adequate security and privacy commitments.
• Ensuring the receiving jurisdiction provides adequate data protection or implementing supplementary measures as needed.

6. Data Security

We implement comprehensive technical and organisational measures to protect your personal data, including:

• Encryption of data in transit (TLS/SSL) and at rest (AES-256).
• Access controls with role-based permissions and multi-factor authentication.
• Regular security assessments, vulnerability scanning, and penetration testing.
• Employee security awareness training and background checks.
• Incident response procedures with defined escalation protocols.
• Physical security measures at our office and data centre locations.

While we take all reasonable steps to protect your data, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience:

• Essential cookies: Required for basic website functionality (e.g., session management, security). These cannot be disabled.
• Analytics cookies: Help us understand how visitors interact with our website (e.g., Google Analytics). These collect aggregated, anonymised data.
• Preference cookies: Remember your settings and preferences for a personalised experience.
• Marketing cookies: Used to deliver relevant advertisements and measure campaign effectiveness (only with your consent).

You can manage your cookie preferences through your browser settings. Disabling certain cookies may affect your experience on our website.

8. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

• Active client data: Retained for the duration of the service engagement plus seven (7) years for tax and legal compliance.
• Inquiry data: Retained for two (2) years from the date of the last interaction.
• Website analytics data: Retained in anonymised form for up to three (3) years.
• Marketing consent records: Retained for as long as the consent is valid, plus one (1) year after withdrawal.

When data is no longer needed, it is securely deleted or anonymised in accordance with our data disposal procedures.

9. Your Rights

Under the PDPA and applicable data protection laws, you have the following rights:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate or incomplete personal data.
• Withdrawal of consent: Withdraw consent for specific processing activities at any time.
• Deletion: Request deletion of your personal data where it is no longer necessary for the purposes collected.
• Data portability: Request transfer of your personal data in a structured, commonly used format (where technically feasible).
• Objection: Object to processing based on legitimate interests.

To exercise any of these rights, please contact us at help@novyragroup.com. We will respond to your request within thirty (30) days.

10. Children's Privacy

Our Services and Website are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a child, we will take immediate steps to delete such data.

11. Third-Party Links

Our Website may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read the privacy policies of any third-party websites you visit.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy.
• Post a notice on our Website for significant changes.
• Notify affected individuals via email where required by law.

13. Data Protection Officer

For questions, concerns, or requests related to your personal data and privacy, please contact our Data Protection Officer:

14. Complaints

If you believe your personal data has been mishandled, you have the right to lodge a complaint with the Personal Data Protection Commission (PDPC) of Singapore:

• Website: www.pdpc.gov.sg
• Phone: +65 6377 3131

We encourage you to contact us first so we can address your concerns directly.

15. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Email: help@novyragroup.com
Address: No 7 Temasek Boulevard, #12-07, Suntec Tower One, Singapore, 038987