Legal · Privacy
Privacy Policy
How AudienceSpark collects, uses, and protects personal data under Singapore PDPA 2012.
This Privacy Policy explains how AudienceSpark Pte. Ltd. ("AudienceSpark", "we", "us", or "our"), UEN 202948163M, with its registered business address at 3 Church Street, #08-01 Samsung Hub, Singapore 049483, collects, uses, discloses, and protects personal data when you visit audiencespark.pro, engage our digital marketing agency services, communicate with us, or otherwise interact with us as a client, prospect, supplier, or website visitor. We are committed to handling personal data responsibly and in compliance with the Personal Data Protection Act 2012 of Singapore ("PDPA"), its subsidiary legislation, and applicable guidelines issued by the Personal Data Protection Commission ("PDPC").
As a Singapore-based digital marketing agency, we process personal data to deliver paid media management, search engine optimisation, creative strategy, lead generation, conversion optimisation, marketing automation, analytics reporting, and related professional services. This policy applies to all channels through which we collect data, including our website, email, telephone, video conferencing, client portals, advertising platforms, and in-person meetings at our Singapore office.
1. Data controller and contact
AudienceSpark Pte. Ltd. is the organisation responsible for personal data described in this policy. For privacy-related enquiries, access requests, correction requests, withdrawal of consent, or complaints, contact our Data Protection Officer at [email protected] or write to Data Protection Officer, AudienceSpark Pte. Ltd., 3 Church Street, #08-01 Samsung Hub, Singapore 049483. We aim to acknowledge privacy enquiries within five business days and to resolve straightforward requests within thirty calendar days, subject to complexity and statutory extensions permitted under the PDPA.
2. Personal data we collect
Personal data means data, whether true or not, about an individual who can be identified from that data or from that data and other information to which we have or are likely to have access. Depending on your relationship with us, we may collect the following categories of personal data:
- Identity and contact data: full name, job title, company name, business address, email address, telephone number, and preferred communication channel.
- Account and billing data: billing contact details, purchase order references, invoice history, payment status, and tax identifiers where required for B2B invoicing. We do not intentionally collect full payment card numbers on our website; card processing is typically handled by third-party payment processors subject to their own privacy terms.
- Marketing and enquiry data: information you submit through contact forms, briefing requests, newsletter sign-ups, event registrations, or campaign audits, including your marketing objectives, budget ranges, industry sector, and message content.
- Technical and usage data: IP address, browser type and version, device identifiers, operating system, referral URLs, pages viewed, session duration, click paths, and cookie identifiers. See our Cookie Policy for detail on cookies and similar technologies.
- Client campaign data: where you appoint us as agency, we may process audience lists, CRM exports, conversion data, ad account identifiers, creative assets, brand guidelines, and performance metrics necessary to configure and optimise campaigns on platforms such as Google Ads, Meta Ads, LinkedIn, and analytics tools.
- Communications and recordings: email correspondence, meeting notes, call summaries, and, where notified in advance, recordings of strategy workshops or training sessions for quality and training purposes.
- Recruitment data: if you apply for a role with us, curriculum vitae, employment history, qualifications, and interview assessments.
Where lawful and appropriate, we may also receive personal data about you from third parties such as referral partners, event organisers, publicly available business directories, or advertising platforms when you interact with our ads.
3. Purposes of collection, use, and disclosure
We collect, use, and disclose personal data only where we have a legitimate purpose under the PDPA and, where required, your consent. Our primary purposes include:
- Responding to enquiries, scheduling growth briefings, and preparing proposals or statements of work;
- Delivering contracted agency services, including media buying, SEO audits, content production, reporting, and account management;
- Configuring tracking, attribution, and analytics implementations with appropriate technical safeguards;
- Issuing invoices, processing payments, and maintaining financial records;
- Providing client support, service updates, and operational notifications;
- Improving our website, programmes, and service quality through aggregated usage analysis;
- Conducting security monitoring, fraud prevention, and incident response;
- Complying with legal obligations, regulatory requests, and professional standards;
- Sending marketing communications about our services where permitted by law and your preferences.
We do not sell personal data. We may disclose personal data to categories of recipients including cloud hosting providers, email service providers, customer relationship management systems, project management tools, analytics vendors, advertising platforms, professional advisers (lawyers, accountants), and authorities where required by law. Each recipient is engaged subject to contractual or statutory obligations to protect personal data appropriately.
4. Consent, notification, and withdrawal
Under the PDPA, we notify you of the purposes for which your personal data will be collected, used, and disclosed, and seek your consent unless an exception applies. Exceptions may include situations where collection or use is necessary for evaluative purposes in connection with employment, solely for investigative purposes, or clearly in your interests and consent cannot be obtained in a timely way. For marketing messages sent by electronic means, we comply with the Do Not Call provisions where applicable and honour opt-out requests promptly.
You may withdraw consent for any purpose that relies on consent by contacting [email protected]. Withdrawal does not affect the lawfulness of processing before withdrawal. In some cases, withdrawal may limit our ability to continue providing specific services, for example where analytics cookies are rejected or where campaign data is required to operate ad accounts.
5. PDPA rights: access and correction
You have the right to request access to personal data about you that is in our possession or under our control, and to request correction of any error or omission, subject to exceptions under the PDPA. We may charge a reasonable fee for manifestly unfounded or excessive requests as permitted by law. To submit an access or correction request, email [email protected] with sufficient information to verify your identity and describe the data concerned. We will respond within the timeframe prescribed by the PDPA.
6. Accuracy and retention
We take reasonable steps to ensure personal data is accurate and complete, particularly where it is likely to be used to make decisions affecting you or disclosed to another organisation. Retention periods depend on the nature of the data and our legal, accounting, and operational requirements. Illustrative periods include: active client records for the duration of the engagement plus seven years for financial records; enquiry records for twenty-four months unless converted to a client relationship; website analytics logs for fourteen months; and marketing suppression lists for as long as necessary to honour opt-outs. When personal data is no longer needed, we delete, anonymise, or securely destroy it.
7. Protection and security
We implement reasonable administrative, technical, and physical safeguards to protect personal data against unauthorised access, collection, use, disclosure, copying, modification, disposal, or similar risks. Measures include access controls on a need-to-know basis, multi-factor authentication for critical systems, encrypted transport (TLS) for website traffic, secure password policies, vendor due diligence, and staff training on data protection. No method of transmission or storage is completely secure; we encourage clients to use strong credentials on linked ad accounts and to notify us promptly of suspected incidents.
8. Cross-border transfers
Digital marketing operations routinely involve transfers of personal data to platforms and subprocessors located outside Singapore, including in the United States, European Union, and other jurisdictions where our technology partners host infrastructure. Where we transfer personal data overseas, we take steps required under the PDPA to ensure that the recipient organisation provides a standard of protection comparable to that under the PDPA, such as contractual clauses, documented assessments, or reliance on applicable statutory transfer mechanisms. Details of key overseas recipients are available on request.
9. Third-party websites and platforms
Our website may contain links to third-party websites, and our services integrate with third-party advertising, analytics, and social media platforms. Those third parties collect and process personal data under their own privacy policies. We are not responsible for the privacy practices of Google, Meta, LinkedIn, or other platforms, although we configure client accounts using industry-standard controls where practicable. We encourage you to review the privacy policies of any platform on which your campaigns run.
10. Marketing communications
We may send you information about programmes, events, insights, or service updates if you have consented or if we have an ongoing business relationship and the communication is relevant to your role. Every marketing email includes an unsubscribe mechanism. You may also opt out at any time by emailing [email protected]. If you are on the Singapore Do Not Call Registry, we will not send specified messages to your Singapore telephone number unless we have obtained the required consent or an applicable exception applies.
11. Cookies and online tracking
We use cookies and similar technologies on audiencespark.pro to operate the site, remember preferences, measure traffic, and evaluate campaign effectiveness. Non-essential cookies are deployed only in accordance with your choices via our cookie banner. For a detailed list of cookie categories, vendors, durations, and opt-out methods, please read our Cookie Policy.
12. Children
Our services are directed at businesses and professionals. We do not knowingly collect personal data from individuals under eighteen years of age without appropriate parental or guardian consent. If you believe we have collected data from a minor in error, contact us and we will take steps to delete it.
13. Data breaches
In the event of a data breach that poses a significant risk of harm or impact, we will assess the incident, contain it, and notify affected individuals and the PDPC where required under the PDPA and related guidance. We maintain internal incident response procedures and review them periodically.
14. Updates to this policy
We may update this Privacy Policy to reflect changes in law, technology, or our practices. The "Last updated" date at the top indicates the latest revision. Material changes will be communicated through our website or direct notice where appropriate. Continued use of our website or services after an update constitutes acknowledgement of the revised policy, subject to any additional consent requirements imposed by law.
15. Complaints
If you have concerns about how we handle personal data, contact our Data Protection Officer at [email protected]. If we cannot resolve your concern, you may lodge a complaint with the Personal Data Protection Commission in Singapore. We cooperate with regulatory enquiries in good faith.
Agency services notice: Performance metrics, case studies, and testimonials referenced in our marketing materials are illustrative. They do not guarantee future outcomes for your business. Campaign data processed on your behalf remains subject to your instructions, platform terms, and applicable law.