Sign In Start Free
Privacy Policy | ClientBase
Legal

Privacy Policy

This notice explains how ClientBase collects, uses, and protects your personal data in accordance with Singapore's Personal Data Protection Act 2012.

Effective date: 2 October 2025 · Last updated: 13 April 2026

I Privacy Notice (Website)

This Data Protection Notice ("Notice") sets out the manner in which Clientbase Pte. Ltd. ("Clientbase", "we", "us", or "our"), UEN 202227905M, registered at 72 Circular Rd, #03-01, Singapore 049426, collects, uses, discloses, and otherwise processes personal data, in compliance with the Personal Data Protection Act 2012 ("PDPA").

This Notice applies to all personal data in our possession or under our control, including personal data entrusted to third-party organisations acting on our behalf.

II Organisation Overview

ClientBase is corporate secretarial software built for how Singapore corp sec firms actually work. We replace manual, fragmented workflows with a proper practice management system built around the way secretarial practices deliver work: Services, Requests, and Tasks.

Managing partners and named secretaries get real-time visibility across every client, every filing, and every team member. Work gets owned. Deadlines get met.

III Scope and Application

This Notice applies to:

  • Visitors to our website or software platforms
  • Individuals who engage us for services
  • Representatives of clients, vendors, and partners

By accessing our website, submitting information, or otherwise interacting with us, you acknowledge and consent to the collection, use, disclosure, and processing of your personal data in accordance with this Notice.

IV Personal Data

For the purposes of this Notice:

  • "User" refers to any individual or entity who has contacted us to enquire about our services, or who has entered into, or may enter into, a contract with us, including any Authorised Users granted access to the Platform.
  • "Personal Data" refers to any data, whether true or not, about an individual who can be identified from that data alone, or from that data combined with other information.
  • "User Data" refers to all data, records, files, and information submitted to or processed through the Platform by or on behalf of a User, including entity records, director particulars, shareholder registers, and secretarial documents.

Examples of personal data we may collect include, but are not limited to:

  • Users / Clients: name, job title, company details, email address, telephone number
  • Vendors / Partners: contact person details, company registration information, payment records
  • Website Visitors: information voluntarily submitted through forms, technical identifiers such as IP addresses, browser type, or usage activity

V Collection, Use and Disclosure of Personal Data

We generally do not collect personal data unless it has been voluntarily provided by you (or your authorised representative) after notification of the purposes and with your consent, or the collection, use, or disclosure is otherwise permitted or required under the PDPA or applicable laws.

Clientbase may collect, use, and disclose personal data for the following purposes:

  • Responding to, handling, and managing queries, feedback, or complaints
  • Managing relationships with clients, vendors, and employees
  • Facilitating service provisions and operational support
  • Supporting business continuity, audits, and regulatory compliance
  • Providing updates and communications where consent has been obtained
  • Facilitating mergers, acquisitions, or corporate restructuring
  • Any other purpose for which you have provided consent, or which is permitted by law

Disclosure of personal data may be made to third parties (in Singapore or overseas) including service providers supporting IT, HR, compliance, or operational functions; regulatory bodies, auditors, and government authorities; and cloud vendors or technology partners engaged to host, process, or secure data on our behalf.

VI Legitimate Interests Exception

In compliance with the PDPA, ClientBase may collect, use, or disclose personal data without consent where it is in our legitimate interests or those of another party, provided such interests outweigh any adverse effect on the individual.

Such processing may include:

  • Detection and prevention of fraud or misuse of our systems
  • Monitoring of IT systems for security and continuity
  • Investigation of breaches or incidents
  • Use of work-related data on company-issued devices to prevent data loss

VII AI Insights

ClientBase's AI Insights feature uses artificial intelligence to help Users generate secretarial documents, surface compliance gaps, produce practice reports, and query their data through a natural language interface.

AI Insights operates entirely within the ClientBase platform. User Data processed by AI Insights — including director particulars, shareholder registers, beneficial ownership records, and entity filings — is not transmitted to any external artificial intelligence service or third-party API. All AI processing occurs within ClientBase's own infrastructure.

ClientBase may use aggregated and anonymised data derived from AI Insights usage to improve the feature, provided such data does not identify any individual or User.

AI Insights outputs are provided as drafts and suggestions only. Users are solely responsible for reviewing, verifying, and approving all AI-generated content before relying on it or submitting it to ACRA, clients, or any third party. AI Insights does not constitute legal, compliance, or professional advice.

VIII Your Rights

You may exercise the following rights in accordance with the PDPA:

  • Request access to personal data held about you
  • Request correction of inaccuracies or incomplete information
  • Withdraw consent previously provided (subject to legal or contractual restrictions)
  • Request information on the use and disclosure of your data in the preceding year

We may charge a reasonable fee for access requests. All requests will be addressed within statutory timelines.

IX Protection of Personal Data

Clientbase employs reasonable administrative, physical, and technical safeguards to protect personal data, including:

  • Secure storage on managed platforms (e.g. Google Workspace, AWS, BrioHR, Xano)
  • Encryption of files in storage and transmission
  • Regular patching and antivirus updates
  • Data anonymisation where appropriate
  • Review of access logs and periodic security audits

X Retention of Personal Data

Personal data is retained only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. When retention is no longer necessary, data will be securely deleted, anonymised, or otherwise disposed of.

Upon termination of a User's Subscription, ClientBase will retain User Data for a period of sixty (60) days, during which the User may request an export. After this period, User Data will be securely deleted unless otherwise required by applicable law.

XI Cross-Border Transfer

User Data is stored on infrastructure hosted within Singapore. Where personal data must be transferred outside Singapore — for example, to cloud infrastructure or service providers — Clientbase will ensure that the recipient provides a standard of protection comparable to that required under the PDPA, through contractual or legally enforceable means.

XII Data Protection Officer

For any queries, feedback, or requests regarding personal data, you may contact our Data Protection Officer ("DPO"):

Email [email protected]
Phone +65 9338 4720
Address 72 Circular Rd, #03-01, Singapore 049426

XIII Updates to This Notice

This Notice may be amended from time to time. For material changes, we will provide notice by email or through the Platform no less than thirty (30) days before the change takes effect.

Your continued use of our website or services after the effective date of any update constitutes your acknowledgement and acceptance of the revised Notice.