Privacy Policy
Last Updated: 28 April 2025
1. Introduction
Quorum ("we", "us", "our") is committed to handling personal data responsibly. This Privacy Policy explains how we collect, use, store, and protect personal information in connection with our corporate compliance training programmes and related services, including our hosted learning portal, workshop delivery, and annual subscription programmes.
This policy applies to data collected through our website at quoru.sbs, our learning portal, enquiry forms, and direct correspondence. By using our services, you agree to the practices described in this document.
For questions about this policy or to exercise any rights described below, please contact us at [email protected].
2. Data We Collect
Information You Provide
- Name and contact details (email address, phone number) submitted through our website enquiry form or portal registration
- Company name, job role, and department information provided during programme enrolment
- Communications sent to us by email or through our website contact form
- Feedback and survey responses submitted following programme participation
Information Collected Automatically
- Browser type, IP address, and device type when you access our website or learning portal
- Pages visited, session duration, and navigation patterns for analytics purposes
- Cookie identifiers as described in our Cookie Policy
Programme Participation Data
- Module completion status and timestamps recorded in the learning portal
- Workshop attendance records
- Aggregated participation data reported to HR administrators
3. Legal Basis for Processing
We process personal data on the following legal grounds under the Singapore Personal Data Protection Act 2012 (PDPA):
- Consent: Where you have provided explicit consent, such as submitting an enquiry form or subscribing to updates
- Contract performance: Where processing is necessary to deliver the programme services you or your organisation has engaged
- Legitimate interests: Where processing is reasonably necessary for our business operations, such as maintaining service quality records and improving our programmes
- Legal obligation: Where processing is required to comply with applicable Singapore law
4. How We Use Your Data
- Delivering and administering compliance training programmes, including access to the learning portal
- Responding to enquiries and processing programme bookings
- Providing HR administrators with completion reporting and participation records
- Communicating programme updates, content revisions, and renewal reminders
- Improving the quality and relevance of our training materials
- Complying with applicable legal and regulatory obligations in Singapore
We do not use personal data for automated decision-making or profiling that produces legal or similarly significant effects.
5. Data Retention
Participant completion records are retained for the duration of the active programme subscription plus twelve months. HR administrator account data is retained for the duration of the client relationship plus twenty-four months. Enquiry and correspondence data is retained for up to thirty-six months unless a programme engagement follows, in which case the engagement retention period applies.
At the end of the relevant retention period, data is securely deleted from our systems.
6. Data Sharing
Within Quorum
Personal data is accessible only to Quorum staff who require it to perform their role — programme coordinators, client operations, and systems administrators. Access is managed by role and reviewed periodically.
Third-Party Service Providers
We work with a small number of third-party service providers to operate our learning portal and website, including cloud hosting providers operating Singapore-based infrastructure. These providers are contractually bound to process data only as instructed by Quorum and in accordance with applicable data protection requirements.
We do not sell personal data to third parties and do not share individual participant records with any party outside your organisation's designated HR administrator accounts.
Legal Disclosure
We may disclose personal data to regulatory authorities, courts, or law enforcement agencies if required to do so under applicable Singapore law or in response to a lawful request.
7. Data Storage and Security
All personal data collected through our website and learning portal is stored on servers hosted within Singapore. We apply industry-standard security measures including encrypted data transmission (TLS), access controls, and regular security reviews.
In the event of a data breach that is likely to result in a risk to the individuals concerned, we will notify affected parties and the Personal Data Protection Commission (PDPC) as required under the PDPA's mandatory breach notification obligations.
8. Cookies
Our website uses cookies to maintain session functionality and understand how visitors interact with the site. Essential cookies cannot be disabled. Analytics and preference cookies are optional. For a full description of the cookies we use, please see our Cookie Policy.
9. Your Rights Under the PDPA
Under the Singapore Personal Data Protection Act 2012, you have the right to:
- Request access to the personal data we hold about you
- Request correction of inaccurate or incomplete personal data
- Withdraw consent for processing where processing is based on consent
- Request that we cease or restrict processing of your personal data in certain circumstances
- Lodge a complaint with the Personal Data Protection Commission (PDPC) at pdpc.gov.sg
To exercise any of these rights, contact us at [email protected]. We will respond to requests within thirty days as required by the PDPA.
10. Third-Party Links
Our website may contain links to external websites. Quorum is not responsible for the privacy practices of third-party websites, and this policy does not apply to those sites. We encourage you to review the privacy policies of any external sites you visit.
11. Children's Privacy
Quorum's services are designed for business clients and are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has provided personal data to us, please contact us at [email protected] and we will take prompt steps to remove it.
12. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our services or applicable law. When we make material changes, we will update the "Last Updated" date at the top of this page. Continued use of our services after any changes constitutes acceptance of the updated policy.
13. Contact
For questions about this policy or to exercise your data rights, please contact: