Legal

Privacy Policy

Last updated: 21 June 2026

Who we are

Gaidant ("Gaidant", "we", "our", "us") is a strategic AI advisory practice operated from Singapore. This policy describes how we collect and use personal information when you visit gaidant.com, contact us, or engage our services.

What we collect

We collect three categories of personal information:

  • Information you provide directly - name, email, company, role, and the contents of any message you submit through our contact form, checklist download form, or discovery-call booking.
  • Information collected automatically - basic technical data your browser sends when visiting any website (IP address, device type, browser, referrer, pages visited). This is collected for security and aggregate analytics, not to identify individuals.
  • Information we obtain in the course of an engagement - when you become a client, we may receive personal information about your team or stakeholders as part of the work. This is governed by the engagement letter, not this website policy.

Why we collect it

  • To respond to your inquiries and schedule discovery calls.
  • To deliver materials you request, such as the Board AI Readiness Checklist.
  • To operate and secure the website.
  • To meet legal, tax, and accounting obligations.

We do not sell your personal information. We do not use it to build advertising profiles. We do not run remarketing or behavioral advertising campaigns.

Third-party services we use

The website relies on a small number of third-party services. Each receives only the information necessary for its function:

  • Calendly - when you book a discovery call, your name, email, and any answers you provide go to Calendly to schedule the meeting.
  • Formspark - when you submit the contact form or the checklist download form, your input is delivered to us via Formspark.
  • Google Analytics - if enabled, used to understand aggregate traffic patterns. It is configured to not collect data that identifies individuals.
  • Hosting and content delivery - the website is hosted on Amazon Web Services. AWS receives standard request logs as part of operating the infrastructure.

How long we keep it

We keep contact form submissions and discovery-call records for as long as needed to follow up on your inquiry or for legitimate operational purposes, typically no more than 24 months unless an active engagement requires longer retention. You may request deletion at any time.

Your rights

You can ask us to:

  • Tell you what personal information we hold about you.
  • Correct anything inaccurate.
  • Delete your information, subject to any overriding legal obligations.
  • Stop sending you any communication you have not specifically requested.

To exercise any of these, email [email protected]. We will respond within 30 days.

Cross-border data transfers

Our third-party services are operated by US- and Europe-based providers and may store data outside Singapore. We rely on those providers' standard data-transfer mechanisms.

Security

We use generally accepted technical and organizational measures appropriate to the nature of the data we hold. No method of transmission or storage is perfectly secure. If you have reason to believe an interaction with us is no longer safe (for example, you suspect your account has been compromised), let us know immediately.

Changes to this policy

We will update this policy when our practices change. The "Last updated" date at the top reflects the most recent revision. Material changes will be flagged on this page for at least 30 days.

Contact

For any privacy question, email [email protected].