How we handle your data.

Last updated 12 February 2026. We collect what we need, keep it as long as we have to, and never sell it. Plain-English summary first; the full detail follows.

Section 01

Who we are

In plain English: EIS (Evolve Innovative Solutions Pte Ltd) is a Singapore-incorporated company. We are the data controller for personal data collected through eis.sg and through our consulting engagements.

Evolve Innovative Solutions Pte Ltd (UEN 202312345A) operates from One-North, Singapore. We are registered with the Personal Data Protection Commission (PDPC) and our Data Protection Officer can be reached at privacy@eis.sg.

This policy covers personal data we collect about you when you visit eis.sg, contact us, attend an event, subscribe to our newsletter, or engage us for paid services. It applies globally — Singapore PDPA, the EU GDPR where relevant, and the equivalent regimes across Malaysia (PDPA 2010), Indonesia (UU PDP), the Philippines (Data Privacy Act) and Thailand (PDPA 2019).

Section 02

What we collect

In plain English: Contact details you give us. Standard analytics on what you read on the site. Engagement data — emails, documents and code — when you become a client. Nothing more.

We collect three categories of personal data:

  • Contact data — your name, work email, company, role and the message you send through forms or by email. Provided directly by you.
  • Usage data — pages visited, referrer, device type, anonymised IP and approximate location. Collected by privacy-respecting analytics on a server we operate.
  • Engagement data — once you’re a client, the documents, code, screenshots and emails exchanged in the course of the work. Held in your tenant where possible, in our tenant where not.

Section 03

Why we collect it

In plain English: To reply to you, to deliver the engagement you’ve hired us for, to invoice you, and — only with consent — to send you our newsletter.

We process personal data on four lawful bases: your consent (newsletter, optional cookies); the necessity of performing a contract (engagement delivery, invoicing); legal obligation (tax, anti-money-laundering, statutory record retention); and our legitimate interest in operating the site, preventing abuse, and contacting you about services you’ve enquired about.

We do not use your data to train any model — ours, our partners’, or any third party’s. We do not sell, rent or share personal data with brokers or ad networks. We do not run third-party tracking pixels.

Section 04

Who sees it

In plain English: EIS staff who need to. A small set of named processors (email, hosting, payments, analytics). Engagement clients only see their own data. Nobody else.

Inside EIS, access is on a need-to-know basis. Engagement data is restricted to the principal and engineers staffed on your account. All staff are bound by written confidentiality and complete annual data-handling training.

  • Hosting — our infrastructure runs on AWS Singapore (ap-southeast-1) and Google Cloud Singapore.
  • Email — Google Workspace (data resident in Singapore where contractually available).
  • Analytics — a self-hosted Plausible instance in Singapore. No third-party JavaScript on eis.sg outside of fonts.
  • Payments — Stripe (engagement invoicing) and bank transfer. Stripe’s own privacy notice applies to payment data.
  • Co-funding agencies — IMDA, MDEC, Kominfo, DICT, depa as required to administer government grants you apply for through us, and only with your written authorisation.

Section 05

How long we keep it

In plain English: Contact enquiries: 24 months. Newsletter: until you unsubscribe. Engagement records: seven years (Singapore tax law). Anonymised analytics: 12 months.

We retain only what we need, for as long as we need it. Contact form submissions are deleted 24 months after the last interaction. Newsletter subscriptions are kept until you unsubscribe — one click, no questions.

Engagement records (contracts, invoices, deliverables, correspondence) are retained for seven years after engagement end, in line with Singapore Income Tax Act and Companies Act requirements. Anonymised analytics are rolled up monthly and the raw logs are deleted after 12 months.

Section 06

Your rights

In plain English: Access, correction, deletion, objection, portability, withdrawal of consent. Email privacy@eis.sg and we’ll respond within 30 days, usually faster.

Under PDPA, GDPR and the equivalent regional regimes, you have the right to: request a copy of the personal data we hold about you; correct inaccuracies; ask us to delete it (subject to legal retention obligations); object to processing on legitimate-interest grounds; withdraw consent for the newsletter or any optional cookies; and request portability in a machine-readable format.

Send the request to privacy@eis.sg. We respond within 30 days — typically within five business days. If you’re not satisfied with our response you may lodge a complaint with the PDPC (or your local equivalent regulator).

Section 07

Cookies

In plain English: One first-party cookie that remembers whether you’ve dismissed our cookie banner. No tracking cookies, no third-party cookies, no fingerprinting.

eis.sg sets one first-party functional cookie (eis_consent) that records whether you’ve acknowledged this policy. It expires after 12 months. There are no advertising, retargeting or cross-site tracking cookies on the site.

Our analytics is cookieless — no client-side fingerprint, no persistent identifier. We measure aggregate page views, referrers and approximate country only.

Section 08

International transfers

In plain English: Your data stays in Singapore unless an engagement requires otherwise — in which case we’ll tell you in writing and use approved transfer mechanisms.

Personal data collected through eis.sg is stored in Singapore. Engagement data is held in the jurisdiction agreed in the Master Services Agreement, defaulting to Singapore.

Where an engagement requires data transfer outside the country of collection, we use approved mechanisms — Standard Contractual Clauses for transfers from the EU, ASEAN Model Contractual Clauses for intra-region transfers, and explicit written client authorisation in every other case.

Section 09

Changes to this policy

In plain English: Material changes go in your inbox before they go on the site. The full revision history is at the bottom of this page.

If we make a material change to this policy — anything that broadens the data we collect or the parties who see it — we’ll notify newsletter subscribers and active clients by email at least 14 days before it takes effect.

Editorial corrections (typos, link updates, restructuring without scope change) are made silently and dated at the top of the page.

Questions about your data?

Email privacy@eis.sg and we’ll reply within one business day.
