Privacy Policy

1. Introduction

Sybil Pte Ltd ("we," "our," or "us"), operating under the brand name QuantQuest, is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our QuantQuest financial planning platform.

This policy applies to all users of QuantQuest, including financial advisers, their clients, and members of the public who access adviser profile pages or complete assessments. By using our Service, you consent to the data practices described in this policy.

2. Information We Collect

3. How We Use Your Information

We use the collected information for the following purposes:

• Providing and maintaining our financial planning services
• Processing transactions and managing subscriptions
• Personalizing user experience and improving our platform
• Communicating updates, features, and support
• Complying with legal obligations and regulatory requirements
• Detecting and preventing fraud or security issues
• Analyzing usage patterns to enhance service quality
• Facilitating connections between public users and financial advisers through our Lead Gen Tools

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• With your consent: When you explicitly agree to share information
• Service providers: With trusted third parties who assist in operating our platform (under strict confidentiality agreements)
• Legal requirements: When required by law, court order, or governmental request
• Business transfers: In connection with a merger, acquisition, or sale of assets
• Protection of rights: To protect our rights, privacy, safety, or property
• Lead Generation: When you submit your contact information through a quiz or assessment, your information will be shared with the specific financial adviser as described in Section 5 below

5. Lead Generation and Adviser Referrals

When you complete a quiz or assessment on a financial adviser's page and choose to submit your contact information, the following applies:

Information Shared with Advisers

When you request a report or checkup, we share the following with the relevant financial adviser:

• Your name
• Your phone number (WhatsApp)
• Your email address (if provided)
• Your quiz responses and results
• Your personality type and associated insights
• The date and time of your submission

How Advisers May Contact You

By submitting your contact details through our Lead Gen Tools and completing OTP verification, you provide clear and unambiguous consent for the financial adviser to contact you via:

• WhatsApp messages
• Phone calls
• SMS messages
• Email (if provided)

Do Not Call Registry: This consent applies even if your phone number is registered on Singapore's Do Not Call (DNC) Registry. By voluntarily providing your phone number and completing verification, you are giving explicit consent to receive calls and messages from the adviser for financial advisory purposes.

Adviser Responsibilities

Financial advisers receiving your information through QuantQuest have agreed to:

• Handle your data in accordance with Singapore's PDPA
• Contact you only for legitimate financial advisory purposes
• Respect your right to withdraw consent at any time
• Cease contact within 10 business days of receiving a withdrawal request
• Not share, sell, or transfer your information to any third party
• Maintain appropriate records of consent and communications

Withdrawing Consent

You may withdraw your consent to be contacted at any time by:

• Informing the financial adviser directly (via WhatsApp, phone, or email)
• Emailing us at dpo@quantquest.sg with the subject line "Withdraw Lead Gen Consent"

Upon receiving your withdrawal request:

• We will notify the adviser within 2 business days
• The adviser must cease all contact within 10 business days
• Your lead record will be marked as "consent withdrawn" in our system

Please note that withdrawing consent does not affect the lawfulness of any contact that occurred before the withdrawal.

Data Retention for Leads

• Active leads: Retained for 24 months from submission, or until consent is withdrawn
• Leads who become clients: Retained according to the adviser's client data retention policy
• Withdrawn consent: Lead record retained for 7 years for compliance purposes, but marked as "do not contact"

5A. Testimonial Collection

When you submit a testimonial through our authenticated testimonial link, the following applies:

• Your name and testimonial content will be displayed publicly on the requesting adviser's Public Hub profile page
• The “Client-submitted” label on your testimonial indicates only that it was submitted through our platform — it does not verify or endorse the content
• You may withdraw your consent and request removal of your testimonial at any time by contacting the adviser directly or emailing dpo@quantquest.sg
• Upon receiving your withdrawal request, we will remove the testimonial within 5 business days
• Testimonial data will be deleted when the adviser's profile is deactivated or upon your withdrawal of consent, subject to any legal retention requirements

6. Data Security

We implement robust security measures to protect your information:

• 256-bit SSL encryption for all data transmissions
• Encrypted storage of sensitive financial information
• Regular security audits and vulnerability assessments
• Access controls and authentication protocols
• Employee training on data protection practices
• OTP verification for lead capture to prevent fraudulent submissions

While we strive to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but commit to using industry best practices.

Data Breach Notification: In the event of a data breach that is likely to result in significant harm to you, we will notify affected individuals and the Personal Data Protection Commission (PDPC) in accordance with the PDPA. We aim to notify affected individuals within 3 calendar days of confirming a notifiable breach.

7. Your Rights Under PDPA

Under Singapore's Personal Data Protection Act (PDPA), you have the following rights:

• Access: Request access to personal data we hold about you
• Correction: Request correction of inaccurate or incomplete data
• Withdrawal: Withdraw consent for data collection and use
• Data portability: Request your data in a structured format
• Deletion: Request deletion of your personal data (subject to legal obligations)

To exercise these rights, please contact our Data Protection Officer at dpo@quantquest.sg.

For Lead Gen participants: You may also exercise these rights by contacting the financial adviser directly. The adviser is obligated to respond to your request or forward it to us for processing.

8. Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations:

• Active account data: Retained while your account is active
• Financial records: Retained for 7 years per MAS requirements
• Communication records: Retained for 5 years
• Lead Gen data: Retained for 24 months or until consent is withdrawn (whichever is earlier), with compliance records retained for 7 years
• Testimonial data: Retained while the adviser's profile is active, deleted within 90 days of profile deactivation or upon withdrawal of consent by the testimonial submitter
• Anonymized analytics data: May be retained indefinitely

Upon account closure, we will delete or anonymize your data within 90 days, except where retention is required by law.

9. International Data Transfers

Your data is primarily stored in Singapore. If we transfer data outside Singapore, we ensure:

• The receiving country has adequate data protection laws
• Appropriate contractual clauses are in place
• Your rights remain protected regardless of location

OTP Verification Services: We use Twilio for WhatsApp OTP verification. Twilio may process your phone number on servers located outside Singapore. Twilio is bound by contractual obligations to protect your data in accordance with standards comparable to Singapore's PDPA.

AI Processing Services: We may use AI service providers to generate suggested profile content and process assessment results. These providers may process limited data on servers located outside Singapore and are bound by contractual obligations including no-training clauses, data minimisation, and short retention periods.

Frontend Hosting: Our frontend hosting provider (Vercel) may process requests through servers located outside Singapore for performance purposes. No personal data is stored at these locations beyond transient request processing.

10. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will promptly delete it.

11. Cookies and Tracking

We use cookies and similar technologies to:

• Keep you logged in securely
• Remember your preferences and settings
• Analyze platform usage and performance
• Provide personalized features
• Track quiz completion for analytics purposes

You can manage cookie preferences through your browser settings. Disabling cookies may limit some features of our Service.

12. Third-Party Links

Our Service may contain links to third-party websites, including financial adviser websites and social media profiles. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any personal information.

13. Adviser Profile Pages

Financial advisers may create public profile pages on QuantQuest that are accessible without login. These pages may display:

• Adviser's name and professional title
• Profile photo
• Professional biography and specializations
• Years of experience and credentials
• Testimonials (if enabled — see Section 5A for testimonial collection terms)
• Links to quizzes and assessments

Information displayed on adviser profile pages is provided by the adviser and is their responsibility to keep accurate and compliant with applicable regulations.

14. Updates to This Policy

We may update this Privacy Policy periodically. We will notify you of any material changes by:

• Posting the new policy on this page
• Updating the "Last updated" date
• Sending an email notification for significant changes

15. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

For Lead Gen specific inquiries:

• The financial adviser directly (their contact details are on their profile page)
• Our DPO at dpo@quantquest.sg