Privacy Policy

Last updated: 24 March 2026

1. Introduction

Infinite Value Ventures Pte Ltd (UEN: 201719416K), trading as Infinite Cybersecurity ("we", "us", or "our"), is committed to protecting your personal data in accordance with the Personal Data Protection Act 2012 (PDPA) of Singapore and its associated regulations, including the Personal Data Protection (Amendment) Act 2020.

This Privacy Policy explains how we collect, use, disclose, and protect personal data you provide to us when visiting infinitecybersecurity.com or engaging our cybersecurity services.

By using our website or engaging our services, you consent to the practices described in this Policy.

2. Personal Data We Collect

We collect personal data that you voluntarily provide and data collected automatically:

2.1 Data You Provide

• Full name, job title, and company name
• Business email address and telephone number
• Information submitted via our contact, inquiry, or consultation forms
• Correspondence and communication records
• Payment and billing information (processed via PCI-DSS compliant payment processors)

2.2 Data Collected Automatically

• IP address and approximate geographic location
• Browser type, version, and operating system
• Pages visited, time spent, and navigation patterns
• Referring website or search query
• Cookie identifiers (see Section 7)

We do not knowingly collect personal data from individuals under 18 years of age.

3. Purposes of Collection and Use

We collect and use your personal data only for purposes for which consent has been given, or where permitted by law under the PDPA. These purposes include:

• Responding to your inquiries and service requests
• Providing, administering, and improving our cybersecurity services
• Conducting security assessments, penetration tests, and compliance engagements
• Sending service-related communications and account notifications
• Marketing our services and sending promotional materials (where consent has been obtained and not withdrawn)
• Analysing website usage to improve user experience
• Meeting legal, regulatory, and contractual obligations
• Fraud prevention and security monitoring
• Invoicing and payment processing

4. Disclosure of Personal Data

We do not sell your personal data. We may share your personal data with:

• Service providers — cloud hosting, analytics, email delivery, and CRM vendors who process data on our behalf under written data processing agreements
• Professional advisers — lawyers, accountants, and auditors bound by professional confidentiality
• Government or regulatory bodies — when required by law, court order, or in response to a lawful request from Singapore authorities (e.g., PDPC, MAS, Singapore Police Force)
• Business successors — in connection with a merger, acquisition, or asset sale, subject to confidentiality obligations

All third parties are contractually required to handle your personal data in accordance with the PDPA and maintain appropriate security measures.

5. Cross-Border Data Transfers

Where your personal data is transferred outside Singapore (e.g., to cloud service providers), we ensure that the recipient country or organisation provides a standard of protection comparable to the PDPA, pursuant to Section 26 of the PDPA. We use contractual safeguards or transfer data only to jurisdictions assessed to meet equivalent protection standards.

6. Retention of Personal Data

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law. Our general retention schedule:

• Inquiry and contact form data — up to 2 years from last contact
• Client engagement records — 7 years from end of engagement (to comply with Singapore business record-keeping requirements)
• Marketing consent records — for the duration of consent plus 2 years
• Website analytics data — up to 26 months

When personal data is no longer required, we securely delete or anonymise it.

7. Cookies and Tracking Technologies

Our website uses cookies and similar technologies. Cookies are small text files stored on your device to improve your browsing experience and help us analyse site usage.

We use the following types of cookies:

• Essential cookies — required for basic site functionality; cannot be disabled
• Analytics cookies — help us understand how visitors interact with our site (e.g., Google Analytics); only activated with your consent

You may manage or withdraw cookie consent at any time via your browser settings or our cookie preference centre. Disabling non-essential cookies will not affect your ability to use our website.

8. Security of Personal Data

We implement appropriate organisational and technical security measures to protect your personal data from unauthorised access, disclosure, alteration, or destruction. These measures include:

• TLS/HTTPS encryption for all data in transit
• Access controls and role-based permissions
• Regular security assessments and vulnerability scanning
• Staff training on data protection obligations
• Incident response procedures

9. Data Breach Notification

In the event of a data breach that is likely to result in significant harm to individuals, we will notify the Personal Data Protection Commission (PDPC) within 3 calendar days of becoming aware of the breach, in accordance with the mandatory data breach notification obligations under the PDPA (amended 2020). We will also notify affected individuals where required.

10. Your Rights Under the PDPA

As a data subject, you have the following rights:

• Access — request a copy of the personal data we hold about you
• Correction — request correction of inaccurate or incomplete personal data
• Withdrawal of consent — withdraw consent for collection, use, or disclosure at any time (subject to legal or contractual restrictions and reasonable notice)
• Data portability — request your data in a structured, machine-readable format where technically feasible
• Opt-out of direct marketing — unsubscribe from marketing communications at any time via the unsubscribe link in our emails or by contacting us directly

Please note that withdrawal of consent may affect our ability to provide certain services to you.

11. Links to Third-Party Websites

Our website may contain links to external websites. We are not responsible for the privacy practices of third-party websites. We encourage you to review the privacy policies of any third-party sites you visit.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will post the revised policy on this page with an updated effective date. For material changes, we will provide notice via email or a prominent notice on our website. Continued use of our website or services after changes constitutes acceptance of the revised policy.