top of page
Untitled_edited.png

Data Protection Statement

LevelUp Game LLP offers products and services relating to individual development, education, and applied psychology, including psychometric assessments, digital platforms, and advisory services. We work directly, and where relevant through partners and affiliated entities, with organisations and individuals globally.

Under applicable privacy and data protection laws, individuals have rights regarding how their personal information is handled. We recognise the importance of treating personal data in a lawful, fair, and transparent manner, taking into account the nature and sensitivity of the data, and implementing processes to ensure it is kept secure.

We are committed to complying with applicable data protection laws, including the Personal Data Protection Act 2012 of Singapore (PDPA) and, where applicable, the General Data Protection Regulation (EU) 2016/679 (GDPR). These laws strengthen individuals’ rights and require organisations to implement appropriate safeguards. We have aligned our privacy, data protection, and information security practices to ensure consistency, accountability, and protection across our operations.

Our Approach to Privacy and Data Protection

 

We are committed to strong privacy, data protection, and information security practices. These are embedded into our products, platforms, operations, and contractual arrangements.

We adopt a layered approach to privacy and data protection, including:

  • our Privacy Policy, which explains in detail how we collect, use, disclose, and retain personal data;

  • this Data Protection Statement, which summarises our approach and principles;

  • Privacy Notices provided at specific data collection points (including our assessment platforms and websites);

  • mechanisms for managing marketing preferences, cookie preferences, and participation in research and surveys.

Privacy and Data Protection Principles

 

We adhere to the following core principles:

  • Lawfulness, fairness and transparency
    Personal data is processed where we have a valid legal basis and in a manner that is fair and transparent.

  • Purpose limitation
    Personal data is collected only for specific, legitimate purposes that have been clearly communicated, and is not used in ways incompatible with those purposes (subject to reasonable archival, backup, and research practices).

  • Access and control
    Where we control personal data, individuals may request access, correction, or withdrawal of consent, subject to applicable law.

  • Data minimisation
    We only collect and process personal data that is necessary and relevant for the stated purposes.

  • Accuracy and data integrity
    Personal data is kept accurate and up to date, and individuals may request corrections where appropriate.

  • Storage limitation
    Personal data is retained only for as long as necessary for the purposes for which it was collected, subject to legal and business requirements.

  • Security and confidentiality
    Personal data is protected through appropriate technical and organisational measures.

  • Accountability and governance
    We maintain processes for transparency, handling complaints, and continuous improvement of our data protection practices.

Privacy Policies and Notices

 

Our Privacy Policy explains:

  • how we collect, use, and retain personal data (including sensitive data where applicable),

  • our legal bases for processing,

  • how data is shared and transferred (including internationally),

  • and the rights available to individuals.

At data collection points, we provide Privacy Notices that explain the purpose of collection and, where required, obtain consent.

Technical and Organisational Measures

 

We maintain internal policies and procedures governing the handling of personal data, including:

  • data protection policies,

  • records retention and destruction policies,

  • information security policies and procedures.

 

These define how personal data is collected, stored, processed, and securely disposed of.

Our measures include:

  • governance frameworks and risk assessment processes;

  • secure infrastructure and hosting environments (including EU-based hosting where applicable);

  • access controls, authentication, and monitoring;

  • security technologies such as encryption and anti-malware protection;

  • staff training and awareness programmes;

  • incident response and business continuity procedures;

  • audit and compliance checks.

All personnel, including employees, contractors, and partners, are required to comply with these policies.

Controller and Processor Responsibilities

 

Where LevelUp Game LLP acts as a data controller, we determine the purposes and means of processing personal data and are responsible for ensuring compliance with applicable data protection laws, including respecting individuals’ rights.

Where we act as a data processor, we process personal data on behalf of our customers (who act as controllers) and do so in accordance with their instructions and applicable legal requirements.

We enter into appropriate contractual arrangements, including data processing agreements, to ensure that personal data is handled securely and lawfully.

Where personal data is transferred across jurisdictions, including between Singapore and the European Union, we implement appropriate safeguards such as standard contractual clauses or equivalent mechanisms, where required.

Data Retention

As a general principle, we retain personal data in identifiable form only for as long as necessary to fulfil the purposes for which it was collected, or as required or permitted by applicable law.

In practice, this may include retaining personal data:

  • for the duration of an active customer relationship or account;

  • for the period necessary to deliver products and services;

  • for compliance with legal, accounting, or reporting requirements.

 

Where appropriate, personal data is anonymised and retained in aggregated form for research, analytics, and product development purposes. Once anonymised, such data no longer identifies individuals.

 

Further detail on specific retention periods is provided in our Privacy Policy and internal retention policies.

Reporting Concerns and Contact

If you have any questions about privacy or data protection, or wish to exercise your rights, you may contact:

LevelUp Game LLP
Email: admin@thelevelupgame.com

You may also have the right to lodge a complaint with:

  • the Personal Data Protection Commission (PDPC) in Singapore; or

  • a relevant supervisory authority in the European Union, where applicable.

Scope of This Statement

This Data Protection Statement applies solely to LevelUp Game LLP and its operations. We are committed to complying with applicable data protection laws and to addressing any concerns relating to the handling of personal data.

bottom of page