Privacy Policy

This website is brought to you by PALISADE SECURITY PTE. LTD. (“Palisade Security“, “we”, “us” or “our”). We take the privacy of our website users very seriously. We ask that you read this Privacy Policy (the “Policy”) carefully as it contains important information about how we will collect, use and/or disclose your personal data in accordance with the Singapore’s Personal Data Protection Act 2012 (“PDPA”). Throughout this Policy, the meaning of the term “personal data” is as defined in the PDPA.

For the purposes of the PDPA, we are the organisation that collect, use and/or disclose your personal data.

1. Personal data we may collect about you.

We collect personal data about you in the following ways:

  • When you use our website: When you complete a contact or quote request form on our website, we will collect personal data such as your first name, last name, email address, and phone number.
  • When you become a client: As part of our client onboarding process, we will collect further business contact details, which may include names, email addresses, and phone numbers of emergency, technical, and other key contacts responsible for the engagement.
  • From third parties: Occasionally we may receive information about you from other third parties, which we will add to the information we already hold about you in order to help us provide services and improve and personalise our service to you.
  • Data accessed during service delivery: During a security assessment engagement, our testers may incidentally access personal data stored on our clients' systems. The handling of such data is governed strictly by the Confidentiality and Data Protection clauses of our Master Service Agreement (MSA) and is not covered by this website Privacy Policy. In this context, we act as a “Data Processor” on behalf of our client, who is the “Data Controller”.

2. How we use your personal data

We use the personal data we collect from you for the following purposes:

  • To respond to your enquiries and provide you with quotes for our services;
  • To create and manage our client relationship with you;
  • For client administration, including billing and support;
  • To carry out our obligations arising from any contracts entered into between you and us;
  • To notify you about changes to our services or policies;
  • For internal record-keeping and to comply with our legal and regulatory obligations, including those required for our Council of Registered Ethical Security Testers (CREST) accreditation; and
  • For marketing our services to you, subject to your consent (see “Marketing and Opting Out” below).

3. Marketing and opting out

We will only contact you by email, phone, or other electronic means with information about our services, promotions, or industry insights if you have provided us with your express consent to do so.

In accordance with our obligations under the PDPA, we will not send specified marketing messages to a Singapore telephone number if that number is registered with the Do Not Call (DNC) Registry, unless we have your clear and unambiguous consent.

You have the right to withdraw your consent and opt out of receiving marketing communications from us at any time. If you wish to exercise this right, you can do so by:

  • Clicking the 'unsubscribe' link provided in any of our marketing emails; or
  • Following the instructions in the “Your rights” section below.

4. Disclosure of your personal data

We may disclose your personal data to:

  • other companies within our group;
  • our agents and service providers; or
  • law enforcement agencies in connection with any investigation to help prevent unlawful activity, or as otherwise required by law.

5. Keeping your data secure

We will use appropriate technical and organisational measures to safeguard your personal data, consistent with industry best practices and our CREST accreditation standard. For example:

  • access to your account is controlled by a password and username that are unique to you;
  • we store your personal data on secure servers with controlled access; and
  • we use industry-standard encryption for data both in transit and at rest;

While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason, we cannot guarantee the security or integrity of any personal data that is transferred from you or to you via the internet.

6. Transfers of data out of Singapore

We do not typically transfer your personal data to countries outside of Singapore. Should it become necessary to do so, we will ensure that any transfer of your data is subject to appropriate security measures and legally enforceable obligations to safeguard your privacy rights

7. Your rights

You have the right to request access to personal data that we may process about you. If you wish to exercise this right, you should:

  • put your request in writing (with a header that says “Request for Access to Personal Data”);
  • include proof of your identity and address (e.g. a copy of your NRIC or passport or driving licence); and
  • specify the personal data you want access to.

You have the right to require us to correct any inaccuracies in your data free of charge. If you wish to exercise this right, you should:

  • put your request in writing (with a header that says “Request for Correction of Personal Data”);
  • provide us with enough information to identify you (e.g. username and registration details); and
  • specify the information that is incorrect and what it should be replaced with.

You also have the right to ask us to stop processing your personal data for direct marketing purposes. If you wish to exercise this right, you should:

  • put your request in writing (with a header that says 'Unsubscribe' is acceptable);
  • provide us with enough information to identify you (e.g. username and registration details); and
  • if your objection is not to direct marketing in general, but to direct marketing by a particular channel (e.g. email or telephone), please specify the channel you are objecting to.

8. Our contact details

We welcome your feedback and questions. If you wish to contact us, please send an email to our Data Protection Officer at dpo@palisade.com.sg or write to us at our registered office: 60 Paya Lebar Road #06-28, Singapore 40905.

We may change this Policy from time to time. You should check this Policy occasionally to ensure you are aware of the most recent version that will apply each time you access this website.