Data Protection Notice (Privacy Policy)

DYNAMIC MANAGEMENT FORMULAE DMF PTE. LTD.

Last Updated: May 4, 2026

This Data Protection Notice ("Notice") sets out how Dynamic Management Formulae DMF Pte. Ltd. ("we", "us", or "our") collects, uses, discloses, and protects personal data in accordance with Singapore's Personal Data Protection Act 2012 ("PDPA"). This Notice applies to personal data in our possession or under our control, including personal data held by organizations we engage to process data on our behalf.

In this Notice, "personal data" means data, whether true or not, about an individual who can be identified (a) from that data, or (b) from that data and other information we have or are likely to have access to. "NoWen" means our financial early warning SaaS platform that connects to accounting software and delivers tailored insights through financial early warning signals benchmarked against Singapore industry thresholds.

Personal Data We Collect

Depending on your relationship with us, whether you are a customer, website visitor, early access participant, beta tester, partner, referral source, job applicant, contractor, or event attendee, we may collect the following categories of personal data through web forms, sign-up flows, cookies, third-party referrals, partner introductions, and similar channels:

Profile Information: Names, job titles, organization names, email addresses, telephone numbers, mailing addresses, LinkedIn profiles, and photos or videos you submit for marketing or testimonial purposes.
Account and Usage Data: Login timestamps, website or NoWen dashboard usage patterns, IP addresses, session logs, device types, operating system details, and browser versions.
Financial and Transactional Data: Income data, financial records, tax records, bank transaction information, Profit & Loss and Balance Sheet reports retrieved from your accounting software or uploaded directly by you (such as Balance Sheet and P&L spreadsheets where accounting integration is unavailable), organization profile data (such as business name, currency, and financial year settings), billing details, invoicing records, and payment tokens. We do not store full payment card details.
Communications Data: Emails, chat transcripts, interaction notes, support tickets, and audio or video recordings of demo sessions, discovery calls, sales calls, and meetings (where recordings are made, with notification and consent).
Engagement Data: Event attendance, feedback forms, survey responses, and UTM codes.

Purposes for Collection, Use, and Disclosure

We use personal data strictly for the following purposes:

Providing, operating, and improving NoWen and our related services, including retrieving and analyzing your accounting data (read-only) and generating financial health predictions and tailored insights through AI-powered analysis. This analysis is performed by our AI service providers, who process your financial data on our behalf.
We do not use your personal data to train, retain, or improve our artificial intelligence models. Only pre-trained models are used for inference to generate insights.
Managing your account, subscriptions, billing, and payment processing.
Communicating with you, for example, transactional and service-related emails, customer support (chat and ticketing), and responding to your enquiries.
Business development activities, such as scheduling demos, sending proposals, and managing leads.
Marketing and outreach, including newsletters, campaigns, and referral programs, only with your consent.
Analytics and product improvement, tracking website and app usage, conducting A/B testing, collecting feedback, and performing non-personalised benchmarking.
Compliance, audit, and regulatory obligations, including responding to lawful requests from authorities.

Disclosure to Third Parties

We do not sell, rent, or trade your personal data to third parties for their marketing purposes.

We may disclose personal data to the following categories of recipients for the purposes described above:

Service Providers: Cloud hosting and storage providers, customer relationship management platforms, customer engagement and live chat services, analytics and website optimization tools, email delivery services, AI and machine learning service providers, accounting platform integrators, and payment processors, who perform services on our behalf and are bound by confidentiality and data protection obligations.
Professional Advisers: Legal advisors, auditors, and bankers.
Regulatory Bodies: Authorities such as IRAS, PDPC, and law enforcement agencies as required by law.
Service-Level Partners and Accounting Firm Partners: Partners who refer or onboard end-clients to NoWen. If you were introduced to NoWen by a partner, that partner may receive confirmation of your account status for the purpose of their referral arrangement. We do not share your data with partners otherwise. In the future, we may operate a two-way referral arrangement where we refer our customers to partner advisory or accounting services. Any such data sharing will require separate consent.
Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, subject to appropriate safeguards.
With Your Consent: Any other disclosures you authorize.

Consent & Withdrawal of Consent

We obtain clear and informed consent before collecting, using, or disclosing personal data, unless exceptions under the PDPA apply. For sensitive personal data, including financial records, we obtain express consent (recorded in writing), for example, through a consent checkbox or a signed agreement. You may withdraw your consent at any time by contacting our Data Protection Officer; we will inform you of any consequences and process your request as soon as reasonably practicable. Withdrawal may not affect processing required by law.

If you provide personal data about another individual (such as a referral or team member), you must ensure you have their consent. When we receive personal data from a third party like an accounting firm, we understand that party has obtained your consent. If you believe data has been shared without consent, please contact our DPO immediately.

How We Protect Your Data

We implement reasonable technical and organizational measures to protect personal data, including encryption in transit and at rest, access controls, multi-factor authentication for administrative access, and secure session management. Our accounting platform integration uses OAuth 2.0 with read-only access. We select service providers whose security practices align with our obligations under the PDPA and who are obligated by their own terms and agreements to provide appropriate data protection. Where we engage data intermediaries, we require them to maintain equivalent standards.

For any artificial intelligence processing of your personal data, we configure our AI service providers to enable Zero Data Retention, which means your data is not stored after analysis. This approach is designed to maximize privacy and comply with the PDPA.

While we strive to protect personal data, no method of transmission over the internet or electronic storage is completely secure. We periodically review and enhance our information security measures.

How Long Do We Keep Your Data

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Different types of data have different retention periods depending on their nature, the purpose of collection, and applicable legal obligations. Once the applicable retention period expires, your personal data is securely deleted or anonymized from our systems.

Third-party service providers that process your data on our behalf apply their own retention and deletion policies. We select providers whose practices align with our obligations under the PDPA. You may contact our Data Protection Officer for details on any specific provider's retention schedule.

Cross-Border Data Transfers

Personal data is primarily stored in Singapore. However, some of our service providers may process data in other jurisdictions, including the United States, India, and the European Union, depending on the data center used. Where data is transferred outside Singapore, we ensure that the recipient provides a standard of protection comparable to the PDPA, such as through Standard Contractual Clauses, contractual agreements, or by verifying that the country has adequate data protection laws.

Cookies & Tracking

We use cookies and similar technologies on our website and within the NoWen application to provide essential functionality (such as session management), analyze usage, deliver support features like live chat, and personalize marketing communications. You can manage your cookie preferences through our cookie consent banner and your browser settings. Non-essential cookies will not be deployed without your consent.

Your Rights

You may request access to the personal data we hold about you, or ask us to correct any inaccuracies. You may also withdraw your consent at any time, where our processing is based on consent.

To exercise any of these rights, please contact our Data Protection Officer using the details below. We will respond to your request as soon as reasonably practicable.

Contact Our Data Protection Officer

Email: dynamicmanagementformulaedmf@dpoguard.com

Phone: +65 3158 1836

Changes to This Notice

We may update this Notice from time to time. The revised version will be posted on our website with the "Last Updated" date. If the changes are material, we will notify you before they take effect through our website or by direct communication.