Privacy and Data Protection

Key terms used in this policy are defined below to help you understand how we handle data in Veyalana engagements and on csolana.biz.

We collect information necessary to deliver coaching and mentoring services, manage engagements and improve client outcomes. Data collection is limited to what is relevant for case analysis, scheduling, billing and regulatory compliance.

When you engage with Veyalana or contact us via csolana.biz, we may ask for the following categories of information to set up and manage the relationship.

• Contact details: name, email address and telephone number used for appointment coordination and invoicing.
• Professional details: job title, organisation name, business sector and relevant reporting structure for tailoring coaching scenarios.
• Engagement records: session notes, goals, action plans and case materials provided by the client for mentoring or coaching purposes.
• Billing information: invoicing details, business registration number (e.g., Business ID S2580274A for Veyalana records) and payment transaction references.
• Assessment inputs: self-assessments, 360-degree feedback results and documents shared by the client to support diagnostic work.
• Communications: emails, messages and documented feedback platform during the client relationship for quality and continuity of service.

Certain technical information is collected automatically when you visit csolana.biz or use our online scheduling and resource systems to help maintain the site and improve user experience.

• Device and browser information: IP address, device type, operating system and browser version used to access the website.
• Usage data: pages visited, time spent on pages and navigation paths used to evaluate interest in services and refine content.
• Referral data: the site or link that referred you to csolana.biz to assess the effectiveness of outreach channels.
• Cookies identifiers: non-personal identifiers stored to remember preferences and session states on csolana.biz.
• Error logs: application and server logs capturing technical errors to support troubleshooting and site reliability.
• Analytics metrics: aggregated statistics derived from the above data to measure engagement without revealing individual identities.

We work with a limited set of trusted third parties who perform services on our behalf. These partners are only given access to data necessary to perform their role and are bound by contractual obligations to protect information.

• Payment processors and invoicing platforms used to issue and reconcile invoices for coaching and mentoring services.
• Cloud providers and secure storage vendors that host encrypted coaching files, session notes and assessment data.
• Professional service partners such as certified assessors and external facilitators engaged for specific client workshops under confidentiality agreements.

We process personal data to operate the business relationship effectively and to provide services in a practical, case-based manner. Typical purposes include:

• Setting up and managing coaching and mentoring engagements, including scheduling and session follow-ups.
• Conducting diagnostics and case-based analysis to deliver tailored recommendations and practical scenarios for clients.
• Issuing invoices, processing payments and maintaining business records required for accounting and tax compliance.
• Responding to enquiries, providing customer support and maintaining a history of communications relevant to service continuity.
• Improving our services by analysing aggregated usage patterns and outcomes from practical case studies, without exposing personal identifiers.
• Complying with legal obligations, dispute resolution and valid requests from authorities as required by law.
• Managing risk and security for our systems and client records to prevent unauthorized access and misuse.
• Delivering occasional service updates about Veyalana offerings where you have opted in to receive such communications.

We rely on appropriate legal bases to process personal data depending on the context of the processing activity and applicable law.

• Contractual necessity — processing required to perform a coaching or mentoring agreement with the client.
• Legitimate interests — processing for case-based service improvement, fraud prevention and business administration, balanced against individual rights.
• Consent — where you have explicitly agreed to certain processing, such as marketing communications or optional assessments.
• Legal obligation — processing necessary to comply with statutory or regulatory requirements in Singapore or other relevant jurisdictions.

Veyalana uses cookies and similar technologies on csolana.biz to enable site functionality, measure performance and remember user settings relevant to your browsing and service inquiry experience.

Cookies used include essential session cookies, performance analytics cookies and preference cookies. We do not use profiling cookies that sell personal data to third parties.

Categories: Essential cookies for site operation; Analytics cookies for usage measurement; Preference cookies to remember language and form inputs.

You can manage cookie preferences through your browser settings and the cookie banner on csolana.biz. Disabling certain cookies may affect site features such as scheduling tools.

Full cookie policy

We share personal data only when necessary and under safeguards. Below are the primary sharing scenarios.

• Service delivery partners who assist with payment processing or workshop facilitation, limited to the data needed for their role.
• Legal and regulatory authorities when required by law or to exercise or defend legal claims.
• Business advisors and auditors engaged to support business and compliance activities under strict confidentiality obligations.
• Affiliated consultants contracted by Veyalana to provide specialist assessments or training during a client engagement.
• Aggregated, anonymised data shared for research or thought leadership purposes that does not identify individual clients.
• Client-authorised disclosures where you have explicitly agreed that we may share records with another party (for example, HR or legal counsel).

Personal data may be transferred outside Singapore when necessary to deliver services or to use third-party platforms. Transfers are conducted with appropriate safeguards to maintain protection equivalent to domestic standards.

Safeguards include contractual data processing agreements, standard contractual clauses where applicable, encryption of stored data and limiting access to named personnel and processors.

Retention periods are set according to the purpose of processing and legal or business needs. We retain data only as long as necessary to fulfil those purposes.

Account and client engagement records, including session notes and invoices, are typically retained for a minimum of seven years for business continuity and accounting purposes, unless a different legal retention period applies.

Email correspondence and messages related to an engagement are kept while the client relationship is active and archived afterward for up to three years to support follow-up services and dispute resolution.

Technical logs and analytics data are retained in aggregated or de-identified form for up to two years to support site performance monitoring and service improvement.

When data is no longer required, we securely delete or anonymise it. Clients may request deletion of personal information subject to legal and contractual constraints.

Veyalana applies administrative, technical and physical measures to protect data, including encrypted storage, role-based access controls and regular reviews of security practices. Staff receive training on confidentiality and data handling aligned with our case-driven coaching methodology.

• Access control and authentication, limiting data access to authorised personnel working on a specific client engagement.
• Encryption of sensitive records in transit and at rest, and secure backups to prevent accidental loss.
• Periodic security audits, patch management and incident response procedures to detect and address vulnerabilities promptly.

Depending on your jurisdiction, you may have rights regarding your personal data. Veyalana supports these rights and provides clear processes to exercise them.

• Right of access — request a copy of personal data we hold about you and information on how it is processed.
• Right to rectification — request correction of inaccurate or incomplete personal data used in your coaching or mentoring records.
• Right to erasure — request deletion of personal data insofar as retention is not required by law or necessary for contractual reasons.
• Right to restriction of processing — ask us to limit certain types of processing during dispute resolution or where accuracy is contested.
• Right to data portability — request a structured, commonly used and machine-readable copy of personal data you have provided to us.
• Right to object — object to processing based on legitimate interests, including profiling for direct marketing purposes where applicable.
• Right to withdraw consent — where processing is based on consent, you can withdraw it at any time without affecting processing prior to withdrawal.
• Right to lodge a complaint with a supervisory authority if you believe your rights have not been respected; we will respond to all valid requests in line with applicable timelines.

Although Veyalana is based in Singapore, we recognise GDPR principles where they apply to EU/EEA data subjects. We adhere to data protection best practices, respect lawful bases for processing and implement safeguards for international data transfers. Clients with GDPR-related questions can contact our data protection representative for specific arrangements.

Veyalana assesses GDPR applicability on a case-by-case basis. If we process personal data of individuals located in the European Economic Area in connection with our executive coaching or mentoring services, we apply GDPR principles such as lawfulness, purpose limitation and data subject rights to that processing. For routine engagement with clients in Singapore we follow local data protection obligations while aligning practices to international standards where relevant.

• Lawful basis and transparency: we record the lawful basis for each processing activity and inform individuals of the purposes and legal grounds for processing.
• Purpose limitation: personal data is collected only for defined coaching, mentoring, assessment and administrative purposes tied to a specific client engagement.
• Data minimisation and accuracy: Veyalana limits data collection to what is necessary for agreed services and implements measures to keep records accurate and up to date.
• Rights of data subjects: where GDPR applies, individuals may exercise rights to access, rectify, restrict processing, object and request portability within the scope of the regulation.

If you believe Veyalana has not appropriately handled your personal data, contact our Data Protection Officer at [email protected] with a clear description of the issue. We will contribute and respond. If the matter relates to GDPR and remains unresolved, you may also lodge a complaint with the relevant supervisory authority in your jurisdiction.

To exercise your rights (access, correction, deletion, restriction or portability) please submit a request to [email protected] including your name, business ID if applicable, the nature of the request and any supporting evidence to verify your identity. For current client matters, referencing your engagement agreement or invoice number helps us process requests more efficiently. We may ask for additional information to verify your identity before acting.

[email protected]

We aim to acknowledge receipt within 5 business days and provide a substantive response within 30 calendar days. Complex requests or those requiring coordination with third parties may take longer; you will be informed if an extended timeframe is needed.

Veyalana uses contact details provided during engagement to deliver service-related messages, scheduling notices and occasional information about relevant programs, case studies and events. Marketing communications are based on consent where required or on our legitimate interest to inform clients and prospects about professional offerings. We tailor content using anonymised engagement insights and case-based examples to keep messages practical and relevant.

You can opt out of marketing emails at any time using the Unsubscribe link at the bottom of our messages or by emailing [email protected] with 'Unsubscribe' in the subject line. Opting out of marketing will not prevent us from sending transactional communications related to active engagements.

Services offered by Veyalana are aimed at professionals, executives and organisations. We do not knowingly collect personal data from children under 16. If a representative believes we have collected information about a minor without appropriate parental consent, contact us so we can promptly review and take appropriate steps.

Our site and client portals may link to or integrate with third-party platforms, assessment providers and tools. Those services have their own privacy terms and practices. We recommend reviewing third-party privacy notices before providing personal information. Veyalana is not responsible for the privacy practices of external sites.

We share personal data only when necessary and under safeguards. Below are the primary sharing scenarios.

Full cookie policy

We periodically review and update our privacy practices to reflect legal, operational and technological changes. Material updates will be published on our website with an updated effective date. Routine clarifications or minor edits may be applied without prior notice if they do not affect individuals' rights or legitimate expectations.