Privacy Policy

Account Information:

• Full name, email address, phone number
• Professional information (company, role, industry)
• Authentication credentials and account preferences

Financial Data:

• Investment preferences and risk tolerance
• Portfolio composition and performance data
• Transaction history and analytics preferences

Technical Data:

• IP address, browser type, device identifiers
• Platform usage patterns and interaction data
• Session recordings and performance metrics

We process personal data under the following PDPA provisions:

• Consent: Explicit consent for marketing communications
• Contract: Performance of our investment analytics services
• Legal Obligation: MAS regulatory compliance and reporting
• Legitimate Interest: Platform security and fraud prevention

Primary Purposes:

• Provide quantitative investment analytics and research
• Generate personalized portfolio insights and recommendations
• Maintain platform security and prevent unauthorized access
• Comply with MAS regulations and licensing requirements

Secondary Purposes (with consent):

• Send market insights and research updates
• Improve platform features through usage analytics
• Conduct client satisfaction surveys

We do NOT sell or trade personal data. Limited sharing occurs only for:

• Service Providers: Cloud hosting, analytics, and security services
• Regulatory Bodies: MAS compliance reporting when required
• Legal Requirements: Court orders or law enforcement requests
• Business Transfers: In case of mergers or acquisitions (with notice)

Data may be processed in Singapore and other jurisdictions with adequate data protection. We ensure appropriate safeguards through:

• Standard Contractual Clauses (SCCs) with service providers
• Adequacy decisions recognized by Singapore authorities
• Binding Corporate Rules for internal data transfers

You have the right to:

• Access: Request copies of your personal data
• Correction: Update or correct inaccurate information
• Withdrawal: Withdraw consent for marketing communications
• Data Portability: Receive your data in machine-readable format
• Objection: Object to processing for legitimate interests

To exercise your rights: Contact our Data Protection Officer at dpo@chicago.global. We will respond within 30 days as required by PDPA.

Technical Safeguards:

• AES-256 encryption for data at rest and in transit
• Multi-factor authentication and access controls
• Regular security audits and penetration testing
• SOC 2 Type II compliance for cloud infrastructure

Organizational Measures:

• Staff training on data protection and confidentiality
• Incident response procedures and breach notification
• Regular review of privacy policies and procedures

Retention Periods:

• Account Data: Duration of business relationship + 5 years (MAS regulatory requirement), extended to 7 years per Singapore Limitation Act best practices
• Transaction Records: 5 years from transaction date
• Marketing Data: Until consent is withdrawn
• Technical Logs: 12 months for security purposes

PROHIBITED ACTIVITIES:

• Automated scraping, crawling, or data extraction
• Use of bots, spiders, or automated tools
• Reverse engineering of algorithms or analytics
• Bulk downloading or systematic retrieval of content
• Creating derivative databases from our data

Violations may result in immediate account termination and legal action. Our systems actively monitor for unauthorized access patterns.

We use cookies for:

• Essential: Authentication and platform functionality
• Analytics: Usage patterns and performance monitoring
• Preferences: User settings and customization

You can manage cookie preferences through your browser settings.

As a MAS-licensed entity, our privacy practices are subject to regulatory oversight. For data protection complaints, you may also contact:

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Material changes will be communicated via email or platform notification 30 days in advance.