Privacy Policy

30-04-2026

1. Introduction 

JustifyAI Pte Ltd (UEN 202609953E) (“we”, “us”, “our”) is committed to protecting the privacy of personal data. This Privacy Policy explains how we collect, use, disclose, and protect personal data in accordance with the Singapore Personal Data Protection Act 2012 (“PDPA”), the Australian Privacy Act 1988 (where applicable), and other relevant privacy laws in jurisdictions where we operate. 

This policy applies to personal data we collect through our website (justifyai.com), in the course of providing consulting and software development services, and through any other interactions with us. 

2. Personal Data We Collect 

We may collect the following categories of personal data: 

  • Contact details — name, business email, phone number, job title, and employer of clients, prospects, and contacts at partner organisations. 

  • Engagement information — records of meetings, correspondence, contracts, invoices, and timesheets. 

  • Client project data — data provided by clients to enable us to deliver services. This may include personal data of the client’s own customers, employees, or end users where the client authorises us to access it. 

  • Website data — basic technical information from website visitors (e.g. IP address, browser type, pages viewed) where collected through standard logging or analytics. 

3. How We Collect Personal Data 

• Directly from individuals (e.g. when you contact us, sign a contract, or attend a meeting). 
• From clients or partner organisations who engage us to provide services. 
• From publicly available sources (e.g. LinkedIn, company websites) for business development purposes. 

4. Purposes for Which We Use Personal Data 

We use personal data only for purposes that are reasonable and have been notified to you, including: 

  • Delivering consulting, AI strategy, and software development services to clients.

  • Negotiating, executing, and administering contracts. 

  • Issuing invoices, processing payments, and maintaining accounting records. 

  • Communicating with clients, prospects, and partners. 

  • Complying with legal, regulatory, and tax obligations. 

  • Improving our services and managing our business operations.

    We do not sell personal data and we do not use personal data for direct marketing without consent. 

5. Disclosure of Personal Data 

We may disclose personal data to: 

  • Clients and partner organisations as necessary to deliver services (e.g. via staffing or pass-through arrangements). 

  • Service providers who support our operations (e.g. cloud hosting, accounting, legal, and IT service providers), subject to confidentiality obligations. 

  • Government, regulatory, or law enforcement bodies where required by law.

  • Professional advisors (e.g. lawyers, auditors, insurers) where reasonably necessary. 

6. Cross-Border Transfers 

As a Singapore-based company serving clients in Australia and other jurisdictions, personal data may be transferred outside Singapore. Where this occurs, we take reasonable steps to ensure recipients provide a comparable standard of protection to that required under the PDPA, including through contractual safeguards. 

7. Security of Personal Data 

We protect personal data through reasonable technical and organisational measures, including: 

  • Multi-factor authentication on all business accounts. 

  • Endpoint protection on all devices used to access personal data. 

  • Encrypted cloud storage and email (Microsoft 365). 

  • Access controls limiting personal data to those who need it. 

  • Regular review of security practices. 

8. Retention 

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law (e.g. tax and accounting records are retained for at least 5 years under Singapore law). 

9. Your Rights 

Subject to applicable law, you have the right to: 

  • Request access to personal data we hold about you. 

  • Request correction of inaccurate or incomplete personal data. 

  • Withdraw consent for the collection, use, or disclosure of personal data (subject to legal or contractual restrictions). 

  • Lodge a complaint with the relevant data protection authority (e.g. the Personal Data Protection Commission of Singapore). 

10. Data Breach Notification 

In the event of a data breach that is likely to result in significant harm to affected individuals or that affects 500 or more individuals, we will notify the Personal Data Protection Commission and affected individuals in accordance with the PDPA, and any other applicable laws.

11. Changes to This Policy 

We may update this Privacy Policy from time to time. The current version is published on our website with the effective date noted above. 

12. Contact 

For questions about this policy or to exercise your rights, contact our Data Protection Officer at the details above.

Email: dpo@justifyai.com