Privacy Policy

Rebus Management Services Pte Ltd ("Rebus Consultancy", "we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or engage with our services.

This policy applies to all visitors, clients, and prospective clients interacting with our website and services. We comply with the General Data Protection Regulation (GDPR), the Singapore Personal Data Protection Act (PDPA), and other applicable data protection laws across the jurisdictions in which we operate.

The data controller responsible for your personal data is:

Rebus Management Services Pte Ltd

66 East Coast Road, #07-04 The Flow Mall

Singapore 428778

For any data protection inquiries, please contact us at: [email protected]

We may collect and process the following categories of personal data:

Information you provide directly:

• Full name

• Email address

• Phone number

• Company or organization name

• Service of interest

• Message content submitted through our contact form

Information collected automatically:

• IP address (anonymized where required by law)

• Browser type and version

• Device type and operating system

• Pages visited and time spent on our website

• Referring website or source

• Cookie identifiers (with your consent)

Google Analytics data:

With your explicit consent, we use Google Analytics 4 (GA4) to collect anonymized usage statistics. This includes page views, session duration, geographic region (country-level), and device information. Google Analytics does not collect personally identifiable information when configured as we have implemented it.

Under the GDPR, we process your personal data based on the following legal grounds:

Consent: For setting non-essential cookies (including Google Analytics) and sending marketing communications. You may withdraw your consent at any time.

Legitimate interest: For improving our website, analyzing usage patterns (with anonymized data), and ensuring the security of our services.

Contractual necessity: For processing data required to deliver our consultancy services to clients.

Legal obligation: Where we are required by law to retain or disclose certain information.

We use the information we collect for the following purposes:

• Responding to inquiries: To process and respond to your contact form submissions and consultation requests.

• Service delivery: To provide our consultancy services and communicate with you regarding ongoing engagements.

• Email confirmations: To send you a confirmation email when you submit an inquiry through our website.

• Website improvement: To analyze how visitors use our website and improve its functionality and content.

• Legal compliance: To comply with applicable laws, regulations, and legal processes.

• Security: To detect, prevent, and address technical issues or fraudulent activity.

Our website uses cookies and similar technologies. We categorize them as follows:

Essential cookies: These are strictly necessary for the website to function and cannot be switched off. They include session management and security cookies.

Analytics cookies (require consent): We use Google Analytics 4 to understand how visitors interact with our website. These cookies are only set after you provide your explicit consent through our cookie banner. You can change your preferences at any time.

You can manage your cookie preferences through the cookie consent banner that appears when you first visit our website, or by clicking the "Cookie Settings" link in our footer. You may also control cookies through your browser settings.

We do not sell your personal data. We may share your information with the following categories of recipients:

• Google LLC: For website analytics purposes (with your consent), processed under Google's data processing terms.

• Hosting providers: Our website infrastructure providers who process data on our behalf under strict data processing agreements.

• Professional advisors: Legal, accounting, or other advisors when necessary for our business operations.

• Law enforcement: When required by law, regulation, or legal process.

All third-party service providers are contractually obligated to protect your data and process it only as instructed by us.

As a global consultancy with offices in Singapore, Mauritius, Cayman Islands, and Amsterdam, your data may be transferred internationally. Where we transfer data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission

• Adequacy decisions where applicable

• Binding Corporate Rules where relevant

By submitting your data through our website, you acknowledge that your information may be processed in any of our office locations.

We retain personal data only for as long as necessary for the purposes set out in this policy:

• Contact form submissions: Retained for up to 24 months, unless a client relationship is established.

• Client engagement data: Retained for the duration of the engagement plus 7 years for legal and regulatory compliance.

• Analytics data: Anonymized analytics data is retained for up to 26 months.

• Cookie consent preferences: Retained for 12 months before requesting renewed consent.

When data is no longer needed, it is securely deleted or anonymized.

Depending on your jurisdiction, you may have the following rights regarding your personal data:

Under the GDPR (EU/EEA residents):

• Right of access: Request a copy of the personal data we hold about you.

• Right to rectification: Request correction of inaccurate or incomplete data.

• Right to erasure: Request deletion of your personal data ("right to be forgotten").

• Right to restrict processing: Request limitation of how we process your data.

• Right to data portability: Receive your data in a structured, machine-readable format.

• Right to object: Object to processing based on legitimate interests or for direct marketing.

• Right to withdraw consent: Withdraw consent at any time without affecting prior processing.

Under the PDPA (Singapore residents):

• Right to access and correct your personal data.

• Right to withdraw consent for data collection, use, or disclosure.

To exercise any of these rights, please contact us at [email protected]. We will respond within 30 days.

We implement appropriate technical and organizational measures to protect your personal data, including:

• Encryption of data in transit (HTTPS/TLS)

• Secure database storage with access controls

• Regular security assessments and updates

• Staff training on data protection practices

• Incident response procedures for data breaches

While we strive to protect your personal data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but take all reasonable steps to protect your information.

Our website and services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a child, we will take steps to delete it promptly.

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website with a revised "Last Updated" date. We encourage you to review this page periodically.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Rebus Management Services Pte Ltd

66 East Coast Road, #07-04 The Flow Mall

Singapore 428778

Email: [email protected]

For EU-related data protection matters, you also have the right to lodge a complaint with a supervisory authority in your country of residence.