Legal

Privacy Policy

Last Updated: 12 May 2025 · Effective: 12 May 2025

1. Introduction

Velkyr ("we", "us", "our") is committed to protecting the personal data of individuals who engage with our website and programmes. This policy explains what data we collect, how we use it, and the rights available to you under Singapore's Personal Data Protection Act 2012 (PDPA).

This policy applies to the Velkyr website at velkyr.blog and to the administration of our workshops, notebook orders, and monthly evening subscriptions.

Questions relating to this policy may be directed to: [email protected]

2. Personal Data We Collect

2.1 Data you provide directly

• Name, email address, and telephone number — provided when you submit an enquiry form or register for a programme
• Postal address — provided when ordering the Money Story Notebook for delivery
• Payment information — processed via our payment provider; Velkyr does not store card or bank details
• Written correspondence — emails and messages sent to us

2.2 Data collected automatically

• Browser type, device type, and operating system
• Pages visited, time spent, and referring pages — via analytics cookies (where consent is given)
• IP address and approximate location

2.3 Legal basis for processing

We process your data on the following bases: (a) with your consent, where given; (b) to perform a contract — for example, to process a programme registration or notebook order; (c) for our legitimate interests in operating the organisation and improving our programmes; and (d) to comply with legal obligations.

2.4 Data retention

Enquiry data is retained for 12 months. Participant records are retained for 3 years after the last programme attended, then securely deleted. Financial records are retained for 7 years as required by Singapore law.

3. How We Use Your Data

• To respond to enquiries and confirm programme registrations
• To administer and deliver workshops, notebook orders, and monthly subscriptions
• To send programme schedules and administrative updates to registered participants
• To send our occasional newsletter, where you have opted in
• To improve our website and understand how it is used (analytics, where consented)
• To meet our legal and regulatory obligations

We do not sell, rent, or share your personal data with third parties for their own marketing purposes.

3.1 Third parties involved in service delivery

We use the following third-party services in operating our programmes: a payment processing provider (for online payments), an email delivery service (for confirmations and updates), and a web analytics service (where consent is given). Each operates under its own privacy policy and applicable data protection law.

4. Data Protection Measures

• Our website uses HTTPS encryption for all data transmission
• Access to participant records is restricted to staff directly involved in programme administration
• Databases and file storage are hosted on servers with access controls and audit logging
• In the event of a data breach involving personal data, we will notify affected individuals and the Personal Data Protection Commission (PDPC) as required by law
• We conduct an annual review of data handling practices

5. Cookies

Our website uses cookies to store your preferences and, where consent is given, to collect anonymised analytics data. You can manage your cookie preferences at any time. See our Cookie Policy for full details and controls.

6. Your Rights Under the PDPA

Under the Personal Data Protection Act 2012 (Singapore), you have the right to:

• Access the personal data we hold about you
• Correct any inaccurate or incomplete data
• Withdraw consent to processing at any time (this does not affect the lawfulness of processing before withdrawal)
• Request that we cease or limit use of your data
• Lodge a complaint with the Personal Data Protection Commission (PDPC) at www.pdpc.gov.sg

To exercise any of these rights, write to: [email protected]. We will respond within 30 days.

7. Third-Party Links

Our website and reading materials may contain references to external websites and publications. We are not responsible for the privacy practices of those sites. We encourage you to review the privacy policy of any external site you visit.

8. Age Requirement

Velkyr's programmes are designed for adults aged 18 and over. We do not knowingly collect personal data from persons under 18. If you believe a minor has submitted data to us, please contact us and we will delete it promptly.

9. Updates to This Policy

We may update this policy from time to time. Where changes are material, we will notify registered participants by email before they take effect. The date at the top of this page shows when the policy was last revised. Continued use of our website or participation in our programmes following an update constitutes acceptance of the revised policy.

10. Contact

Data Controller: Velkyr
14 Wallich Street, Singapore 078881
Email: [email protected]
Phone: +65 6794 3082