Privacy Policy

Part A — Organisation and scope

A.1 Data controller identity

Brand Nexus Pte. Ltd. (Unique Entity Number 202816572K), registered at 277 Orchard Road, #11-22 Orchard Gateway, Singapore 238858, operates the website https://brandnexus.one and delivers brand strategy, identity design, and campaign stewardship services ("Brand Nexus", "we", "us", or "our"). For the purposes of the Personal Data Protection Act 2012 (PDPA) of Singapore, Brand Nexus is the organisation responsible for personal data described in this Privacy Policy.

A.2 Who this policy covers

This Privacy Policy applies to individuals who visit brandnexus.one, submit enquiries through our contact form, communicate with us by email or telephone, attend workshops at our Orchard Gateway studio, or engage us for brand studio services. It explains what personal data we collect, how we use it, who we share it with, how long we retain it, and the choices available to you under Singapore law.

This policy does not govern third-party websites linked from our Site. External sites operate under their own privacy practices. We encourage you to review their policies before submitting personal data elsewhere.

A.3 Legal framework

Singapore's PDPA establishes baseline standards for organisations that collect, use, and disclose personal data. Brand Nexus observes the PDPA's consent, notification, purpose limitation, access and correction, accuracy, protection, retention limitation, transfer limitation, and accountability obligations. Where other laws apply concurrently — for example, contractual confidentiality terms in client agreements — those instruments operate alongside this policy.

Questions about data protection may be directed to our privacy contact at [email protected]. Unresolved concerns may be referred to the Personal Data Protection Commission (PDPC) of Singapore.

Part B — Data we collect and why

B.1 Categories of personal data

The personal data we collect depends on how you interact with Brand Nexus. Categories may include:

• Identity and contact information: full name, job title, company name, email address, telephone number, and postal address when you provide them
• Enquiry content: messages submitted via contact.php, email correspondence, meeting notes, and call summaries where applicable
• Technical data: IP address, browser type, device identifiers, pages visited, referral URLs, session timestamps, and cookie consent records (see our Cookie Policy)
• Client project data: brand briefs, stakeholder lists, billing details, approved identity assets, and performance snapshots supplied during engagements
• Marketing preferences: records of opt-in or opt-out choices for promotional communications where permitted by law

We do not intentionally collect sensitive personal data — such as NRIC numbers, financial account credentials, or health information — through the public contact form. Client contracts may require additional categories subject to separate agreements and heightened safeguards.

B.2 Collection methods

Personal data is collected when you:

• Complete and submit the contact form at brandnexus.one/contact.php, including the PDPA consent checkbox
• Send email to [email protected], [email protected], or other Brand Nexus addresses
• Telephone our studio at +65 6920 3184 during business hours
• Attend workshops, design reviews, or briefings at Orchard Gateway
• Enter into a client agreement for brand programmes or studio services
• Browse brandnexus.one, triggering server logs or cookies in accordance with your cookie preferences

We may receive personal data from referral partners or event registrations where you have been informed that data will be shared with Brand Nexus and consent has been obtained where the PDPA requires it.

B.3 Purposes of use and disclosure

Brand Nexus collects, uses, and discloses personal data for purposes a reasonable person would consider appropriate, including:

• Responding to enquiries about brand programmes, identity audits, and corporate brand projects
• Scheduling and conducting strategy workshops, design reviews, and launch planning sessions
• Delivering contracted brand strategy, identity architecture, visual language, and campaign stewardship services
• Processing invoices, payments, and administrative records related to client engagements
• Maintaining Site security, diagnosing technical issues, and analysing aggregate usage patterns
• Complying with legal obligations, regulatory requests, and dispute resolution procedures
• Sending service-related notices and, where you have opted in or where permitted without consent, information about Brand Nexus offerings

We disclose personal data to third parties only where necessary for these purposes, including:

• Hosting providers, email delivery services, and analytics vendors (with consent where required)
• Accounting, legal, and professional advisers bound by confidentiality obligations
• Government authorities when required by applicable Singapore law
• Production partners involved in client projects under contractual data protection terms

We do not sell personal data to third parties for their independent marketing purposes.

B.4 Consent mechanics

Where the PDPA requires consent, we obtain it through clear affirmative action. Our contact form includes a PDPA consent checkbox that is not pre-checked — you must actively select it before submitting an enquiry. Submission constitutes consent for us to use your contact details and message content to respond to that enquiry.

You may withdraw consent for marketing communications at any time by emailing [email protected]. Withdrawal does not affect the lawfulness of processing based on consent before withdrawal, nor does it prevent us from processing data necessary to perform a contract or comply with legal obligations.

Part C — Your rights and our obligations

C.1 Access and correction

You may request access to personal data we hold about you and request correction of inaccurate or incomplete data. Submit requests to [email protected] with sufficient detail for us to verify your identity and locate relevant records. We respond within reasonable timeframes prescribed by the PDPA and may charge a fee for manifestly unfounded or excessive requests as permitted by law.

C.2 Accuracy and notification

We take reasonable steps to ensure personal data is accurate and complete relative to the purposes for which it is used. When we collect data directly from you, we generally rely on the information you provide. Please notify us promptly if your contact details change so we can maintain accurate records.

C.3 Do Not Call Registry

Where we contact you by telephone for marketing purposes, we comply with Singapore's Do Not Call (DNC) Registry requirements. If you have registered a Singapore telephone number with the DNC Registry, we will not send marketing messages to that number unless you have provided clear consent or an ongoing business relationship exception applies under the PDPA.

C.4 Children's data

Brand Nexus services are directed at business clients and marketing professionals. We do not knowingly collect personal data from individuals under eighteen years of age through brandnexus.one. If you believe a minor has submitted data to us, contact [email protected] and we will take appropriate steps to delete it.

Part D — Security, retention, and transfers

D.1 Protection measures

We implement reasonable administrative, technical, and physical safeguards to protect personal data against unauthorised access, collection, use, disclosure, copying, modification, disposal, or similar risks. Measures include access controls for studio systems, secure transmission where practicable, and contractual requirements for service providers who process data on our behalf.

No method of transmission or storage is completely secure. While we strive to protect personal data, we cannot guarantee absolute security. You transmit information to us at your own risk and should avoid sending sensitive identifiers through unsecured channels.

D.2 Retention periods

We retain personal data only as long as necessary for the purposes collected, unless a longer period is required by law or legitimate business needs such as dispute resolution. Indicative retention periods include:

• Contact form enquiries: up to twenty-four months from last meaningful correspondence unless a client relationship develops
• Client project records: duration of engagement plus up to seven years for contractual, tax, and legal compliance
• Server logs: typically up to twelve months unless required for security investigations
• Cookie consent records: up to six months locally in your browser, as described in our Cookie Policy

When data is no longer needed, we delete or anonymise it using reasonable methods.

D.3 Cross-border transfers

Some service providers may process personal data outside Singapore — for example, cloud hosting in regional data centres. Where we transfer personal data overseas, we take steps required under the PDPA to ensure recipients provide a standard of protection comparable to that under Singapore law, including contractual clauses or verified certifications where applicable.

Part E — Contact and updates

E.1 Privacy enquiries

Direct privacy questions, access or correction requests, and consent withdrawal notices to:

Brand Nexus Pte. Ltd. — Privacy
Email: [email protected]
Postal: 277 Orchard Road, #11-22 Orchard Gateway, Singapore 238858
Telephone: +65 6920 3184 (Mon–Fri 09:00–18:00 SGT)

E.2 Policy changes

We may update this Privacy Policy to reflect changes in law, technology, or our practices. Material changes will be indicated by updating the effective date at the top of this page. Continued use of brandnexus.one after updates constitutes acknowledgement of the revised policy where permitted by law. We encourage periodic review of this document.

E.3 Related documents

This Privacy Policy should be read together with our Cookie Policy, Terms of Use, and Legal Notice. Client engagements may additionally be governed by signed service agreements with specific data handling terms.