Privacy policy

This Privacy Policy explains how AI Brand Lab Pte. Ltd. ("AI Brand Lab", "we", "us", or "our"), UEN 202905183R, collects, uses, discloses, and protects personal data when you visit https://aibrandlab.life/ (the "Website"), contact us, enrol in brand lab programmes, or participate in corporate brand strategy engagements at our Duxton Road studio. We are committed to handling personal data responsibly and in accordance with the Personal Data Protection Act 2012 of Singapore ("PDPA") and applicable subsidiary legislation.

1. Data controller

The data controller responsible for personal data processed through this Website and our brand strategy services is:

AI Brand Lab Pte. Ltd.
43 Duxton Road, #02-01, Singapore 089507
Email: [email protected]
Phone: +65 6220 3847

For privacy-related enquiries, contact us using the details above with the subject line "Privacy enquiry". We will acknowledge receipt within five business days unless exceptional volume delays response.

2. Scope

This policy applies to personal data collected through the Website, email correspondence, telephone calls, in-person registration at our Duxton Road studio, brand lab programme sessions, and corporate brand engagements where we act as service provider. It does not apply to third-party websites linked from our pages, nor to personal data processed solely on behalf of corporate clients under separate data processing agreements. Where those agreements impose stricter standards, they prevail for the relevant engagement.

This policy does not cover aggregated or anonymised information that cannot reasonably identify an individual. It also does not describe practices of AI research tool providers whose platforms our strategists may use during engagements under their own account terms and privacy policies.

AI Brand Lab provides B2B brand strategy services — positioning, identity systems, voice architecture, and AI-enhanced market research. We do not provide life coaching, wellness programmes, or personal development services. Personal data we collect relates to commercial brand engagements, not wellness or coaching contexts.

3. Personal data we collect

3.1 Data you provide directly

When you submit our contact form, enrol in a brand lab programme, register for an orientation session, or communicate with us, we may collect:

• Identity and contact details: full name, email address, telephone number, company name, job title, and billing address where applicable;
• Enquiry content: subject selection (brand lab enquiry, identity programme request, corporate brand retainer, or general inquiry), message body, preferred programme or service type;
• Engagement records: programme enrolled, session dates attended, deliverable review status, strategist notes relevant to your brand lab dossier;
• Corporate administrative data: purchase order references, GST registration details, authorised signatory names for corporate brand contracts;
• Brand materials you submit for review — positioning documents, identity files, sales collateral — which may contain business information rather than personal data, though contact details within those materials may constitute personal data;
• Feedback you voluntarily provide in surveys or post-programme evaluations;
• PDPA consent records, including timestamp and channel, when you tick the consent checkbox on our contact form.

3.2 Data collected automatically

When you browse the Website, our servers and optional analytics tools may collect technical information including IP address, browser type and version, operating system, referring URL, pages viewed, timestamps, and device identifiers. Essential cookies required for site operation are set regardless of optional consent. Optional analytics and marketing cookies are used only if you accept them via our cookie banner. Consent preferences are stored locally for six months. See our Cookie Policy for details.

3.3 Lab session context

During brand lab sessions at our Duxton Road studio, we may observe materials you display on shared screens for facilitation purposes. We instruct participants not to display client-confidential personal data, health information, or sensitive identifiers unless expressly permitted under a separate agreement. Materials submitted for identity audit or positioning review are handled according to the retention rules in Section 8.

3.4 Sensitive data

We do not intentionally collect sensitive personal data such as national identification numbers, financial account credentials, health information, or biometric data through the Website. Please do not submit such information via the contact form or lab exercises. If you include sensitive data in free-text fields without our request, we will delete it where practicable unless retention is required by law.

4. Purposes of collection and use

We collect and use personal data for the following purposes, relying on consent, contractual necessity, legitimate interests, or legal obligation as appropriate under the PDPA:

• Responding to enquiries about brand lab programmes, orientation sessions, identity audits, and corporate retainer engagements;
• Processing enrolment, invoicing, and attendance administration;
• Delivering brand strategy services, documented deliverables, dossier indexing, and related facilitation;
• Communicating schedule changes, policy updates, and programme materials;
• Improving our curriculum, studio operations, and Website usability through aggregated analysis;
• Complying with legal obligations, including tax, accounting, and regulatory requests;
• Protecting our rights, clients, and staff in dispute resolution or fraud prevention;
• Sending marketing communications about brand lab programmes where you have opted in or where permitted by law.

We do not use your personal data to provide licensed financial advice, wellness coaching, life coaching, or investment recommendations. Brand strategy content may discuss commercial positioning in a professional context; that is not personalised financial or wellness planning.

5. Disclosure to third parties

We may disclose personal data to:

• Service providers who assist with email delivery, payment processing, cloud hosting, analytics (when consented), and studio logistics at our Duxton Road premises;
• Professional advisers including lawyers and accountants where necessary for compliance or dispute resolution;
• Government authorities when required by applicable law, court order, or regulatory request;
• Corporate clients where you participate in an engagement on their behalf, limited to information necessary for that engagement;
• Successors in the event of a merger, acquisition, or asset transfer, subject to continued PDPA compliance.

We require service providers to handle personal data only for specified purposes and to maintain appropriate security measures. We do not sell personal data to third parties for their independent marketing purposes.

6. International transfers

Personal data is primarily processed in Singapore. Where service providers process data outside Singapore, we take steps to ensure transfers comply with the PDPA, including contractual protections and verification that the recipient jurisdiction provides comparable protection or that appropriate consent or exemptions apply.

7. Data security

We implement administrative, technical, and physical safeguards appropriate to the nature of the personal data we hold, including access controls, encrypted transmission where supported, and secure storage for brand lab dossiers. No method of transmission or storage is completely secure; we cannot guarantee absolute security but we review our measures periodically and respond to identified vulnerabilities.

Staff and contractors with access to personal data are bound by confidentiality obligations and receive guidance on PDPA compliance. Brand materials containing competitive or client-confidential information are stored separately from general contact records where practicable.

8. Retention

We retain personal data only as long as necessary for the purposes described in this policy, unless a longer period is required by law. Typical retention periods include:

• Contact form enquiries: up to twenty-four months after last meaningful correspondence unless an engagement follows;
• Programme and retainer records: duration of engagement plus seven years for accounting and dispute limitation purposes;
• Brand lab dossier materials: duration of retainer or twelve months after programme completion unless otherwise agreed in writing;
• Marketing consent records: until withdrawal of consent plus a reasonable audit period;
• Server logs and analytics: up to twelve months, or shorter where optional cookies are rejected.

When personal data is no longer needed, we delete or anonymise it using methods appropriate to the storage medium.

9. Your rights under the PDPA

Subject to exceptions under the PDPA, you may:

• Request access to personal data we hold about you;
• Request correction of inaccurate or incomplete personal data;
• Withdraw consent for processing that relies on consent, recognising that withdrawal may affect our ability to provide services;
• Request information about how your personal data has been used or disclosed in the past year.

Submit requests to [email protected] with sufficient detail for us to identify you and locate relevant records. We may charge a reasonable fee for manifestly unfounded or excessive access requests as permitted by law. We respond within thirty days unless an extension is permitted and communicated.

10. Children

Our Website and services are directed at business professionals and organisations. We do not knowingly collect personal data from individuals under eighteen years of age. If you believe we have collected data from a minor, contact us and we will delete it promptly.

11. Changes to this policy

We may update this Privacy Policy to reflect changes in our practices, services, or legal requirements. The effective date at the top indicates the latest revision. Material changes will be noted on the Website. Continued use after changes constitutes acceptance where permitted by law; for processing based on consent, we will seek renewed consent where required.

12. Contact

For privacy enquiries, access requests, or complaints about our handling of personal data:

AI Brand Lab Pte. Ltd.
43 Duxton Road, #02-01, Singapore 089507
Email: [email protected]
Phone: +65 6220 3847

If you remain dissatisfied after contacting us, you may lodge a complaint with the Personal Data Protection Commission of Singapore (PDPC) in accordance with its published procedures.