Privacy Policy

1. About This Policy

The Asia Academy of Digital Economics ("AADE", "we", "us" or "our") is committed to protecting your personal data in accordance with the Personal Data Protection Act 2012 of Singapore (the "PDPA"), as amended by the Personal Data Protection (Amendment) Act 2020, and associated regulations and advisory guidelines issued by the Personal Data Protection Commission ("PDPC").

This Privacy Policy describes how we collect, use, disclose, and manage personal data obtained through our website at aades.academy, our events and training programmes, our research publications, and any other services or interactions with us (collectively, the "Services").

By accessing our website or providing us with your personal data, you acknowledge that you have read and understood this Policy. Please do not access our Services or provide us with personal data if you do not accept this Policy.

2. Personal Data We Collect

We may collect the following categories of personal data, depending on your interaction with us:

Voluntarily Provided Data

• Contact information: name, email address, telephone number, mailing address
• Professional information: job title, organisation or institution name, industry sector
• Event and registration data: dietary preferences, session selections, attendance records
• Communications: content of enquiries, feedback, or correspondence submitted to us
• Membership and subscription data: newsletter subscription preferences, publication access requests

Automatically Collected Data

• Usage data: IP address, browser type and version, operating system, referring URL, pages visited, time and date of access, duration of visit
• Device identifiers: cookies and similar tracking technologies (see Section 6)

3. Purposes of Collection, Use and Disclosure

We collect, use and disclose personal data only for purposes that a reasonable person would consider appropriate in the circumstances, and for which we have notified you either at the time of collection or otherwise. These purposes include:

• Responding to your enquiries, feedback, or requests for information
• Registering you for and administering AADE events, conferences, seminars, training programmes, and webinars
• Sending you newsletters, research publications, event announcements, and other communications you have subscribed to or consented to receive
• Analysing website usage to maintain, improve, and develop our Services
• Processing partnership, collaboration, or membership applications
• Complying with applicable laws, regulations, court orders, or legal obligations
• Protecting the rights, property, or safety of AADE, our stakeholders, or the public
• Any other purpose for which you have given your consent, or that is directly related to the above purposes

We will not use your personal data for purposes other than those notified to you without first seeking your additional consent, unless an exception under the PDPA applies.

4. Consent and Withdrawal

Where we rely on your consent as the basis for processing personal data, such consent may be express (e.g., by checking a box or submitting a form) or deemed (e.g., where you voluntarily provide personal data for an obvious purpose).

You may withdraw consent at any time by contacting us at the details in Section 14. Please note that withdrawing consent does not affect the lawfulness of processing carried out before withdrawal. Withdrawal of consent may mean we are unable to continue providing certain Services to you, and we will notify you of the consequences of withdrawal before you exercise that right.

If you no longer wish to receive marketing or newsletter communications from us, you may unsubscribe using the link provided in each communication or by contacting us directly.

5. Disclosure to Third Parties

We do not sell, rent, or trade your personal data to third parties. We may share your personal data with:

• Service providers and data processors: third parties engaged to assist us in operating our Services (e.g., website hosting providers, email service providers, event management platforms, analytics providers), who are contractually bound to process data only on our instructions and to implement appropriate security measures
• Co-organising partners: where you register for a jointly organised event, your registration data may be shared with the co-organiser solely for event administration purposes, and you will be notified at the time of registration
• Regulatory and governmental authorities: where required by law, court order, or to respond to lawful requests from Singapore or overseas regulators and enforcement agencies
• Professional advisers: lawyers, auditors, and insurers under strict confidentiality obligations
• Successors in interest: in connection with a merger, acquisition, reorganisation, or transfer of our business or assets, subject to the successor being bound by privacy obligations at least as protective as this Policy

6. Cookies and Analytics

Our website uses cookies and similar technologies to enhance your browsing experience and to analyse site usage. Cookies are small text files stored on your device when you visit a website.

Types of Cookies We Use

• Strictly necessary cookies: essential for the website to function correctly; these cannot be disabled
• Analytical / performance cookies: collect anonymised data on how visitors use our website, helping us improve its performance and content
• Functionality cookies: remember your preferences (e.g., language, region) to personalise your experience

Most browsers allow you to refuse cookies or to alert you when cookies are being sent. Disabling cookies may limit your ability to use certain features of our website. We do not use cookies to process sensitive personal data.

7. Retention of Personal Data

We retain personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable law or regulation. The retention periods we apply are based on the following general guidelines:

• Event registration data: retained for up to 3 years after the event for administrative and audit purposes
• Contact and enquiry data: retained for up to 2 years from the date of last contact
• Newsletter and marketing consent records: retained for the duration of the subscription and up to 3 years after unsubscription, for compliance purposes
• Website analytics data: retained in anonymised or aggregated form; identifiable data is retained for up to 26 months

When personal data is no longer required, we will take reasonable steps to destroy it securely or anonymise it irreversibly.

8. Protection of Personal Data

We implement reasonable and appropriate technical and organisational security measures to protect personal data against unauthorised access, disclosure, alteration, or destruction. These measures include, but are not limited to:

• Transport Layer Security (TLS/HTTPS) encryption for data transmitted via our website
• Access controls limiting personal data access to authorised staff and contractors on a need-to-know basis
• Regular security assessments and vulnerability reviews of our web infrastructure
• Contractual data protection obligations with third-party service providers

While we take reasonable precautions, no method of electronic storage or transmission is entirely secure. We cannot guarantee absolute security of your personal data.

9. Transfer of Personal Data Overseas

AADE operates with an international network and some of our third-party service providers (such as cloud hosting and analytics providers) may process data in countries outside Singapore. Where we transfer personal data to recipients overseas, we ensure that a standard of protection comparable to the PDPA is provided, by:

• Transferring to countries deemed by the PDPC to provide adequate protection; or
• Entering into binding contractual arrangements with the overseas recipient that require the recipient to provide a standard of protection comparable to the PDPA; or
• Obtaining your specific consent to the overseas transfer

Such transfers are carried out in accordance with the PDPA Transfer Limitation Obligation and associated PDPC regulations.

10. Your Rights: Access and Correction

Under the PDPA, you have the right to:

• Access personal data we hold about you, and information about the ways in which your personal data has been used or disclosed within the past year
• Correct any personal data we hold about you that is inaccurate, incomplete, misleading, or not up-to-date
• Data Portability (where applicable under the PDPC's data portability requirements): request that personal data you provided to us be transmitted to another organisation in a machine-readable format

To exercise these rights, please submit a written request to contact@aades.academy. We will respond within 30 calendar days of receipt. We reserve the right to charge a reasonable fee for access requests as permitted under the PDPA. We may decline requests that are frivolous, vexatious, or require disproportionate effort, and will inform you if we do so.

11. Data Breach Notification

In the event of a notifiable data breach (as defined in the PDPA), we will:

• Notify the PDPC within 3 business days of assessing that a breach is notifiable
• Notify affected individuals as soon as reasonably practicable where the breach is likely to result in significant harm to those individuals

Notifications to affected individuals will contain information about the nature of the breach, the types of personal data involved, and steps individuals may take to protect themselves.

12. Children's Privacy

Our Services are not directed at persons under 18 years of age. We do not knowingly collect personal data from individuals under 18. If you believe we have inadvertently received personal data from a minor, please contact us immediately and we will take steps to delete that data promptly.

13. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the law, or regulatory guidance. The updated Policy will be posted on our website with the revised effective date. Material changes will be notified to you via email (where we hold your contact details) or through a prominent notice on our website.

Your continued use of our Services after the effective date of the updated Policy constitutes your acceptance of the revised terms.

14. Contact Us