Privacy Policy

Personal Data Protection Act (PDPA) Compliant Privacy Policy.

1. Data Controller Information

Data Controller: Chicago Global Capital Pte. Ltd.
UEN: 201734851Z
Address: 30 Cecil Street #16-08, Prudential Tower, Singapore 049712
MAS License: Capital Markets Services Licensee and Exempt Financial Adviser
Contact: privacy@chicago.global
Data Protection Officer: dpo@chicago.global

2. Personal Data We Collect

Account Information:

• Full name, email address, phone number
• Professional information (company, role, industry)
• Authentication credentials and account preferences

Financial Data:

• Investment preferences and risk tolerance
• Portfolio composition and performance data
• Transaction history and analytics preferences

Technical Data:

• IP address, browser type, device identifiers
• Platform usage patterns and interaction data
• Session recordings and performance metrics

3. Legal Basis for Processing (PDPA)

We process personal data under the following PDPA provisions:

• Consent: Explicit consent for marketing communications
• Contract: Performance of our investment analytics services
• Legal Obligation: MAS regulatory compliance and reporting
• Legitimate Interest: Platform security and fraud prevention

4. How We Use Your Personal Data

Primary Purposes:

• Provide quantitative investment analytics and research
• Generate personalized portfolio insights and recommendations
• Maintain platform security and prevent unauthorized access
• Comply with MAS regulations and licensing requirements

Secondary Purposes (with consent):

• Send market insights and research updates
• Improve platform features through usage analytics
• Conduct client satisfaction surveys

5. Data Sharing and Disclosure

We do not sell or trade personal data. Limited sharing occurs only for:

• Service Providers: Cloud hosting, analytics, and security services
• Regulatory Bodies: MAS compliance reporting when required
• Legal Requirements: Court orders or law enforcement requests
• Business Transfers: In case of mergers or acquisitions (with notice)

6. International Data Transfers

Data may be processed in Singapore and other jurisdictions with adequate data protection. We apply safeguards through Standard Contractual Clauses (SCCs), adequacy mechanisms recognized by Singapore authorities, and binding controls for internal transfers.

7. Your Rights Under PDPA

You have the right to:

• Access: Request copies of your personal data
• Correction: Update or correct inaccurate information
• Withdrawal: Withdraw consent for marketing communications
• Data Portability: Receive your data in machine-readable format
• Objection: Object to processing for legitimate interests

To exercise your rights, contact our Data Protection Officer at dpo@chicago.global. We respond within timelines required under PDPA.

8. Data Security Measures

Technical Safeguards:

• AES-256 encryption for data at rest and in transit
• Multi-factor authentication and access controls
• Regular security audits and penetration testing
• SOC 2 Type II-aligned controls for cloud infrastructure

Organizational Measures:

• Staff training on data protection and confidentiality
• Incident response procedures and breach notification workflows
• Periodic review of privacy policies and controls

9. Data Retention

Retention Periods:

• Account Data: Duration of relationship plus applicable regulatory retention
• Transaction Records: Retained in accordance with MAS requirements
• Marketing Data: Until consent is withdrawn
• Technical Logs: Retained for security and operational purposes

10. Anti-Scraping and Automated Access

Prohibited activities include:

• Automated scraping, crawling, or extraction
• Use of bots, spiders, or automation tools for unauthorized access
• Reverse engineering algorithms or analytics outputs
• Bulk download or systematic retrieval of protected content
• Creation of derivative databases from platform data

Violations may result in account suspension or termination and legal action.

11. Cookies and Tracking

We use cookies for:

• Essential: Authentication and core platform functionality
• Analytics: Usage patterns and performance monitoring
• Preferences: User settings and personalization

You can manage cookie preferences through browser settings.

12. Regulatory Oversight

As a MAS-licensed entity, our privacy practices are subject to regulatory oversight. For data protection complaints, you may also contact the Personal Data Protection Commission (PDPC) at www.pdpc.gov.sg.

13. Updates to This Policy

We may update this Privacy Policy to reflect changes in practice or legal requirements. Material changes will be communicated in advance through appropriate channels.

14. Contact Information

Privacy Inquiries:
Data Protection Officer: dpo@chicago.global
General Privacy: privacy@chicago.global
Address: 30 Cecil Street #16-08, Prudential Tower, Singapore 049712