Privacy Policy

Last updated: 15 April 2026 · Data Controller: Gareth Powell, IPP Financial Advisers Pte Ltd

This Privacy Policy explains how Gareth Powell, operating as a MAS Appointed Representative of IPP Financial Advisers Pte Ltd, collects, uses, stores and protects your personal data in compliance with the Singapore Personal Data Protection Act 2012 (PDPA) and, where applicable, the UK and EU General Data Protection Regulation (GDPR).

1. Who We Are

The data controller is Gareth Powell, MAS Appointed Representative No. PGD300017617, acting on behalf of IPP Financial Advisers Pte Ltd (Company Registration No. R1983-04992C), 78 Shenton Way #06-01, Singapore 079120.

Contact for data queries: garethpowell@ippfa.com

2. What Personal Data We Collect

When you submit an enquiry form on this website, we collect:

• Full name
• Email address
• Any voluntary message you provide
• UTM parameters and referrer URL (how you found this page)

We also collect anonymised analytics data via Google Analytics 4 (only with your consent) including pages visited, device type, and approximate location.

3. How We Use Your Data

• To respond to your enquiry and provide the free financial review you requested
• To assess whether our services are suitable for your needs
• To contact you via email or phone regarding your enquiry
• To store your contact details in our CRM (HubSpot) for follow-up purposes
• To improve this website via anonymised analytics

We do not use your data for automated decision-making or profiling.

4. Legal Basis for Processing

• Consent — You explicitly consent when submitting the enquiry form
• Legitimate interest — Responding to an enquiry you initiated
• Legal obligation — Where required by MAS or applicable law

5. Data Storage and Security

Your personal data is stored in the following systems:

• Supabase — Secure PostgreSQL database with row-level security and encryption at rest
• Google Sheets — Used as a backup record, access restricted to Gareth Powell only

All data is transmitted over encrypted HTTPS connections. API keys and credentials are stored as server-side environment variables and are never exposed to the browser.

6. Data Retention

We retain your personal data for a maximum of 5 years from the date of your last interaction, or as required by MAS regulations, whichever is longer. After this period, your data is securely deleted.

7. Third Parties

We share data only with the following processors, all under data processing agreements:

• Supabase Inc. — Database hosting
• Google LLC — Analytics (consent-gated) and Ads conversion tracking
• Meta Platforms Inc. — Ads conversion tracking (consent-gated)

We do not sell your personal data to any third party.

8. Cookies

We use the following cookies:

• cookie-consent — Stores your cookie preference (essential, no consent required)
• Google Analytics 4 — Analytics cookies (only loaded with your consent)
• Meta Pixel — Advertising cookies (only loaded with your consent)
• Google Ads — Conversion tracking (only loaded with your consent)

You may withdraw consent at any time by clearing your browser cookies or contacting us.

9. Your Rights

Under PDPA and GDPR you have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Request erasure of your data
• Withdraw consent at any time
• Object to processing
• Data portability

To exercise any right, email garethpowell@ippfa.com. We will respond within 30 days.

10. Changes to This Policy

We may update this policy from time to time. The date at the top of this page will always reflect the most recent version.

11. Contact

Gareth Powell · IPP Financial Advisers Pte Ltd · 78 Shenton Way #06-01, Singapore 079120
garethpowell@ippfa.com · +65 8249 3328