BrandShift
Home Services Work About FAQ Contact

Privacy

Privacy Policy

Last updated: 13 July 2026

This Privacy Policy explains how BrandShift Co Pte. Ltd. (UEN 202561047K), registered at 36 Tras Street, #02-01, Singapore 078995 ("BrandShift", "we", "us", "our"), collects, uses, discloses, stores and protects personal data when you visit brandshiftco.pro, contact us, or engage our brand strategy, repositioning, identity, creative, paid media, SEO and content services. We process personal data in accordance with the Personal Data Protection Act 2012 of Singapore ("PDPA") and applicable subsidiary legislation.

1. Who we are and how to contact us

BrandShift Co Pte. Ltd. is the data controller for personal data collected through this website and for client-related personal data processed in connection with our professional marketing services. For privacy enquiries, data access requests or withdrawal of consent, contact:

Email: [email protected]
Postal address: 36 Tras Street, #02-01, Singapore 078995
Telephone: +65 6227 4180

We will respond to verified requests within reasonable timeframes as required by the PDPA, typically within thirty calendar days unless an extension is permitted by law and communicated to you.

2. Scope of this policy

This policy applies to personal data we collect through brandshiftco.pro, email and telephone communications initiated via the site, contact forms, cookie and analytics technologies described in our Cookie Policy, and personal data processed when you become a client or prospective client of BrandShift. It does not apply to third-party websites linked from our pages, or to personal data processed solely on behalf of clients in their capacity as data controllers — in those cases, the client's privacy policy governs and we act as a data intermediary or processor under contract.

3. Personal data we collect

3.1 Data you provide directly

When you submit our contact form or correspond with us, we may collect your name, email address, telephone number if provided, company name, job title, message content, subject selection and PDPA consent record. We do not use pre-ticked consent boxes. The honeypot field "website" in our form is a spam-control measure and should remain empty; if completed by automated bots, the submission is discarded without substantive processing.

3.2 Client and engagement data

When you engage our services, we may additionally collect billing contact details, authorised signatory information, brand and campaign materials that may contain personal data of your employees or customers, access credentials or delegated platform permissions, meeting notes, and correspondence related to project delivery. We collect only data reasonably necessary for the engagement scope.

3.3 Automatically collected technical data

When you browse our website, we or our service providers may collect IP address, browser type and version, device type, operating system, referring URL, pages viewed, time and date of access, and approximate geographic location derived from IP. This data is collected through cookies, server logs and similar technologies as described in our Cookie Policy.

4. Purposes of collection, use and disclosure

We collect and use personal data for purposes that a reasonable person would consider appropriate in the circumstances, including:

  • Responding to enquiries submitted through contact forms, email or telephone;
  • Assessing whether our brand strategy, repositioning, identity, creative, paid media, SEO or content services suit your requirements;
  • Negotiating, entering into and performing client contracts and statements of work;
  • Delivering professional marketing services, reporting, invoicing and account management;
  • Maintaining website security, diagnosing technical faults and preventing fraud or abuse;
  • Complying with legal obligations, regulatory requests and lawful directions from authorities;
  • Improving our website and understanding aggregate visitor behaviour where analytics cookies are consented to;
  • Sending service-related communications; we do not sell personal data to third parties for their independent marketing.

Where the PDPA requires consent for a purpose — notably certain analytics and advertising cookies — we obtain consent through our cookie banner before activating non-essential tracking, except where an applicable exception applies. Contact form processing relies on your explicit consent tick box plus our legitimate interest in responding to business enquiries.

5. Legal bases and PDPA obligations

Under the PDPA, organisations must not collect, use or disclose personal data unless the individual has given consent, or collection, use or disclosure without consent is permitted under the Act or regulations. We rely on consent where required, contractual necessity for client engagements, and legitimate interests such as network security and responding to unsolicited business enquiries — balanced against your rights. We notify you of purposes at or before the point of collection where practicable, via this policy and contextual notices on forms.

6. Disclosure to third parties

We may disclose personal data to:

  • Hosting and infrastructure providers who store website data on secure servers;
  • Email and productivity service providers used for business correspondence;
  • Analytics and advertising technology providers where you have consented to such cookies;
  • Professional advisers including lawyers and accountants under confidentiality obligations;
  • Regulators, courts or law enforcement when required by applicable law;
  • Production partners or subcontractors engaged for client deliverables, under contracts requiring PDPA-aligned handling.

We require service providers who handle personal data on our behalf to implement appropriate protective measures. We do not authorise them to use your data for their own unrelated marketing. Where data is transferred outside Singapore, we take steps required under the PDPA to ensure a comparable standard of protection, including contractual clauses where appropriate.

7. Retention

We retain personal data only as long as necessary for the purposes collected, unless a longer period is required or permitted by law. Indicative retention periods:

  • Contact form enquiries not leading to engagement: up to twenty-four months from last correspondence, then deletion or anonymisation;
  • Client project records and contracts: duration of engagement plus seven years for legal, tax and dispute limitation purposes;
  • Cookie consent preferences: six months from your choice, as stated in our cookie banner;
  • Server logs: typically ninety days unless needed for security investigations.

When data is no longer needed, we delete, anonymise or aggregate it so individuals are no longer identifiable.

8. Security

We implement reasonable administrative, technical and physical safeguards appropriate to the nature of the personal data we hold. Measures include HTTPS encryption for website traffic, access controls limiting staff access to client data on a need-to-know basis, password policies, and contractual confidentiality requirements. No method of transmission or storage is completely secure; we cannot guarantee absolute security but we review practices periodically and address known vulnerabilities promptly.

9. Your rights under the PDPA

Subject to exceptions in the PDPA, you have the right to:

  • Access — request information about personal data we hold about you and how it has been used or disclosed within the past year;
  • Correction — request correction of inaccurate or incomplete personal data;
  • Withdrawal of consent — withdraw consent for purposes based on consent, understanding that we may no longer be able to provide related services;
  • Portability — where applicable under future PDPA amendments or advisory guidelines, request data portability in agreed formats.

To exercise these rights, email [email protected] with sufficient detail to verify your identity. We may charge a reasonable fee for access requests as permitted by the PDPA. If you believe we have not handled your data in accordance with the PDPA, you may lodge a complaint with the Personal Data Protection Commission of Singapore after giving us opportunity to address your concern.

10. Children

Our website and services are directed at business professionals and organisations. We do not knowingly collect personal data from individuals under eighteen years of age. If you believe a minor has submitted data to us, contact us and we will take steps to delete it.

11. Marketing communications

We may send occasional updates about BrandShift services to contacts who have engaged with us, where permitted by law and consistent with your reasonable expectations. You may opt out of non-essential marketing emails at any time via unsubscribe instructions or by writing to [email protected]. Opting out does not affect transactional or service-related messages necessary to perform a contract.

12. Do Not Call Registry

If you provide a Singapore telephone number, we will check it against the Do Not Call Registry where required before sending specified marketing messages by phone or text, unless an applicable exception applies or you have given clear and unambiguous consent in writing for that channel.

13. Changes to this policy

We may update this Privacy Policy to reflect legal, technical or business changes. The "Last updated" date at the top will change accordingly. Material changes may be highlighted on our website. Continued use of the site after updates constitutes acknowledgement of the revised policy where permitted by law.

14. Related documents

  • Cookie Policy
  • Terms of Use
  • Legal imprint

BrandShift

Brand strategy, repositioning & identity agency · Tanjong Pagar / Tras Street, Singapore

BrandShift Co Pte. Ltd.
36 Tras Street, #02-01, Singapore 078995
+65 6227 4180 · [email protected]

UEN 202561047K · Mon–Fri 09:00–18:00 SGT

Explore

Services Work About Contact FAQ

Legal

Privacy Terms Cookies Legal
BrandShift provides brand strategy, repositioning, identity, creative campaigns, paid media, SEO, content for client brands. No guaranteed rankings/reach/leads/sales/ROI. Case study metrics illustrative only. Professional marketing services not financial/legal advice.

© 2026 BrandShift Co Pte. Ltd. All rights reserved. Last updated 13 July 2026.

We use cookies for site functionality, analytics and advertising pixels. Your consent choices are stored for six months. Cookie policy

Cookie preferences

Necessary (required)Always on

Preferences are stored for six months. See our cookie policy.