Our Policies
We disclose conflicts before we start. We do not take referral fees from vendors we recommend. Your IP stays yours. Our engagement letters spell this out.
Transparency on conflicts, IP ownership, confidentiality, independence, and data handling.
CORE POLICIES
We disclose any relationships, investments, or affiliations that could create a conflict. If we have worked with your competitor, advised a vendor you're considering, or have any other potential conflict, you will know before we start.
We do not accept referral fees, commissions, or kickbacks from vendors we recommend. Our advice is independent. If we recommend a tool or partner, it's because we believe it's right for you, not because it pays us.
We will not work with direct competitors simultaneously in the same geographic market. If a conflict arises during our engagement, we discuss it immediately and, if necessary, withdraw from one engagement.
All work product created for your engagement—strategies, reports, code, models, frameworks—belongs to you. We do not retain ownership, licensing rights, or the ability to reuse your IP with other clients.
We bring our own methodologies, tools, and frameworks to engagements. These remain our IP but are licensed to you for your internal use during and after the engagement. We may reuse these with other clients.
Every engagement letter includes explicit IP assignment language. No ambiguity, no disputes.
Your confidential information remains confidential forever. This obligation survives the end of our engagement and has no expiration date.
We do not publish case studies, testimonials, or reference your organization without your explicit written consent. If you want anonymity, you get anonymity.
When using third-party AI services (Claude, GPT-4, etc.), we ensure your data is processed under enterprise agreements with no training opt-in. Your data does not train public models.
We do not have financial relationships with vendors, software companies, or service providers that we recommend to clients—except where explicitly disclosed upfront.
If the right answer is “you don't need us” or “you should build this in-house,” that's what we'll tell you. We optimize for your success, not our revenue.
We do not accept equity in exchange for advisory services. This ensures our recommendations are never influenced by a stake in your company's future decisions.
We comply with Singapore's Personal Data Protection Act (PDPA) and other applicable regional data protection regulations. Personal data is collected, used, and stored in accordance with these laws.
All client data is encrypted in transit (TLS 1.3+) and at rest (AES-256). Access is restricted to authorized personnel only and logged for audit purposes.
Unless otherwise agreed, we delete client data 90 days after engagement completion. If you require immediate deletion or longer retention, we accommodate that in the engagement letter.
Your sensitive data stays within Singapore or Malaysia data centers. We do not process client data through offshore subcontractors without explicit consent.
We are transparent about when and how AI tools are used in our work. Deliverables indicate which portions were AI-assisted and which were human-authored.
All AI-generated content is reviewed by a partner before delivery. We do not send unreviewed AI output to clients. A human is accountable for every deliverable.
We will not build AI systems designed for surveillance, manipulation, or other harmful purposes. We decline engagements that conflict with our ethical standards.
When building AI systems, we evaluate for bias and fairness. We document known limitations and recommend appropriate human oversight for high-stakes decisions.
These policies are included in every engagement letter. If you have specific requirements or need clarification, we'll address them before we start.
Get in Touch