Legal

Privacy Policy

How we collect, use, and protect your personal data

Updated: 12 march, 2026

1. Introduction

Circle Family Office Pte. Ltd. ("Circle 26", "we", "us", or "our") is committed to protecting the privacy and personal data of our Members, website visitors, and users. This Privacy Policy explains how we collect, use, disclose, store, and protect your personal data when you access our website, the Circle 26 Platform, the Lean Family Office Blueprint ("LFOB"), and our private Community.

We comply with the Personal Data Protection Act 2012 ("PDPA") of Singapore and other applicable data protection laws in the jurisdictions in which we operate. Where our Members are located in the European Economic Area ("EEA") or the United Kingdom, we also comply with the General Data Protection Regulation ("GDPR") to the extent applicable.

By using our website, Platform, or services, you consent to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not access or use our services.

2. Data Controller

The data controller responsible for your personal data is:

Circle Family Office Pte. Ltd.
60 Robinson Road, #14-04, Singapore
Email: [email protected]

If you have any questions about this Privacy Policy or our data practices, please contact us using the details above.

3. Personal Data We Collect

We collect the following categories of personal data:

3.1 Information You Provide Directly

Account and Profile Information: Full name, email address, phone number, company or organisation name, job title, professional details, and any other information you provide during registration or in your member profile.

Payment and Billing Information: Payment card details, billing address, and transaction history. Payment card data is processed securely by our third-party payment processor (Stripe) and is not stored on our servers.

Communications: Any correspondence you send to us, including emails, support requests, feedback, and survey responses.

Community Content: Posts, comments, messages, files, and any other content you contribute within the private Community platform.

3.2 Information Collected Automatically

Usage Data: Information about how you access and use the Platform, including pages viewed, features used, time spent on the Platform, clickstream data, and navigation paths.

Device and Technical Data: IP address, browser type and version, operating system, device type, screen resolution, language preferences, and referring URLs.

Cookie Data: Information collected through cookies and similar tracking technologies, as described in our Cookies Policy.

3.3 Information from Third Parties

Payment Processor: Transaction confirmation and payment status from Stripe or other payment processors.

Analytics Providers: Aggregated and anonymised usage data from Google Analytics.

Community Platform Provider: Account activity and engagement data from our community platform provider.

Email Marketing Provider: Email engagement data (opens, clicks, bounces) from our email marketing provider.

4. How We Use Your Personal Data

We use your personal data for the following purposes:

4.1 To Provide and Manage Your Membership

  • Processing your registration and creating your account;
  • Granting and managing access to the Platform, Materials, and Community;
  • Processing payments, invoices, and refunds;
  • Communicating with you about your Membership, including renewals, changes, and administrative notices; and
  • Providing customer support and responding to your enquiries.

4.2 To Improve Our Services

  • Analysing usage patterns to improve the Platform, Materials, and user experience;
  • Conducting surveys and collecting feedback;
  • Identifying and resolving technical issues; and
  • Developing new features, content, and services.

4.3 To Communicate with You

  • Sending you updates about new Materials, features, events, and Community activities;
  • Sending newsletters and marketing communications where you have opted in; and
  • Providing information about changes to our terms, policies, or services.

4.4 To Ensure Security and Compliance

  • Protecting the Platform against fraud, abuse, and unauthorised access;
  • Enforcing our Terms of Membership Agreement and Community Charter;
  • Complying with applicable laws, regulations, and legal obligations; and
  • Responding to lawful requests from government authorities or law enforcement.

5. Legal Basis for Processing

We process your personal data on the following legal bases:

Contractual Necessity: Processing is necessary for the performance of our contract with you (your Membership Agreement), including account management, access provision, and payment processing.

Legitimate Interests: Processing is necessary for our legitimate business interests, including service improvement, security, fraud prevention, and marketing (where balanced against your rights and interests).

Consent: Where you have given us specific consent, such as for receiving marketing communications. You may withdraw consent at any time.

Legal Obligation: Processing is necessary to comply with our legal and regulatory obligations.

6. How We Share Your Data

We do not sell, rent, or trade your personal data. We may share your data with the following categories of recipients:

6.1 Third-Party Service Providers

We engage trusted third-party providers to help us deliver our services. These include:

  • Payment Processing: Stripe (or equivalent) for secure payment processing.
  • Email Marketing: Mailchimp, ConvertKit, or equivalent for newsletters and communications.
  • Community Platform: Circle, Slack, Discord, or equivalent for hosting our private Community.
  • Analytics: Google Analytics for website and Platform usage analysis.
  • Hosting and Infrastructure: Cloud hosting providers for Platform hosting and data storage.

All third-party providers are contractually bound to process your data only on our instructions, maintain appropriate security measures, and comply with applicable data protection laws.

6.2 Other Members

Certain profile information (such as your name, professional title, and organisation) may be visible to other Members within the Community. Community content you post will be visible to other Members.

6.3 Legal and Regulatory Disclosures

We may disclose your data where required by law, regulation, legal process, or governmental request, or where necessary to protect our rights, property, safety, or the rights of others.

6.4 Business Transfers

In the event of a merger, acquisition, reorganisation, or sale of assets, your personal data may be transferred to the successor entity, subject to the same privacy commitments set out in this Policy.

7. International Data Transfers

Your personal data may be transferred to and processed in countries other than Singapore, including countries where our third-party service providers are located. Where we transfer data internationally, we ensure appropriate safeguards are in place, including standard contractual clauses, data processing agreements, or other lawful transfer mechanisms.

8. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. Specifically:

  • Active Membership Data: Retained for the duration of your Membership and for a period of twenty-four (24) months following termination, unless a longer retention period is required by law.
  • Payment and Billing Records: Retained for a minimum of seven (7) years to comply with financial and tax reporting obligations.
  • Community Content: Retained for the duration of your Membership. Upon termination, your posts and contributions may be anonymised or deleted at the Company's discretion.
  • Marketing Data: Retained until you withdraw consent or unsubscribe, after which your data will be suppressed for marketing purposes.
  • Analytics Data: Aggregated and anonymised data may be retained indefinitely for statistical and research purposes.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, loss, or destruction. These measures include:

  • Encryption of data in transit (TLS/SSL) and at rest;
  • Secure access controls and authentication mechanisms;
  • Regular security assessments and vulnerability testing;
  • Restricted access to personal data on a need-to-know basis; and
  • Contractual security obligations imposed on all third-party service providers.

While we take all reasonable steps to protect your data, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.

10. Your Rights

Depending on your location, you may have the following rights in relation to your personal data:

  • Access: The right to request a copy of the personal data we hold about you.
  • Correction: The right to request correction of inaccurate or incomplete personal data.
  • Deletion: The right to request the deletion of your personal data, subject to our retention obligations.
  • Restriction: The right to request that we restrict the processing of your personal data in certain circumstances.
  • Data Portability: The right to receive your personal data in a structured, commonly used, machine-readable format.
  • Objection: The right to object to the processing of your personal data for direct marketing or on legitimate interest grounds.
  • Withdrawal of Consent: Where processing is based on your consent, the right to withdraw that consent at any time.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within thirty (30) days or as required by applicable law.

11. Children's Privacy

Our services are not directed at individuals under the age of eighteen (18). We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child, we will take steps to delete such data promptly.

12. Third-Party Links

Our website and Platform may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices or content of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer. We will notify you of any material changes by posting the updated Policy on our website and, where appropriate, by email. The "Effective Date" at the top of this Policy indicates when it was last revised. Your continued use of our services after any changes constitutes your acceptance of the updated Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, please contact us:

Circle Family Office Pte. Ltd.
60 Robinson Road, #14-04, Singapore
Email: [email protected]

If you are not satisfied with our response, you may lodge a complaint with the Personal Data Protection Commission (PDPC) of Singapore at www.pdpc.gov.sg, or with your local data protection authority where applicable.