Scope of this policy
This Privacy Policy describes how LC Adroit Vantage Pte. Ltd. ("Keenai", "we", "us") collects, uses, discloses, and safeguards your personal data when you use the Keenai platform, websites, and mobile applications. It applies to prospective and existing users, visitors to our websites, and authorised representatives of corporate clients.
This policy is issued in accordance with the Singapore Personal Data Protection Act 2012 ("PDPA") and is supplemented by privacy notices published by our licensed partners, including Lighthouse Canton Pte Ltd ("LCPL") and BNY Pershing, which govern personal data processed under regulated service relationships.
Personal data we collect
Identity and personal data
- Full legal name, date of birth, nationality, residency
- Government-issued identity documents (passport, national ID)
- Residential and correspondence addresses
- Email addresses, phone numbers
- Photograph or video image (where required for KYC identity verification)
Financial and eligibility data
- Accredited Investor declarations and supporting evidence (pay slips, bank statements, holdings statements, valuation certificates)
- Source of wealth, source of funds, employment status, occupation
- Tax residency, tax identification numbers, FATCA/CRS declarations, Form W-8BEN
- Bank account details including account number, sort code, and IBAN
- Details of debit or credit cards registered with us (card number, expiry date, CVC)
- Income and financial obligations where relevant to product eligibility
Platform usage data
- Device identifiers, IP address, browser type, operating system
- Access logs, session timestamps, feature usage, click and scroll telemetry
- Account activity: logins, fund transfers, subscription, redemption, trading activity
- Page response times, download errors, length of visits, and browsing methods
- Mobile network information, mobile operating system, and mobile browser type
Location data
- If you enable location services in the Keenai app, we collect GPS location data to provide location-relevant services and protect against fraud
Communications
- Messages and attachments sent via the in-app messenger
- Call recordings (where legally permitted and disclosed at point of call)
- Email correspondence with client services, investment team, and compliance
Data from third parties
- Credit reference agencies, financial institutions, official registers, and databases
- Fraud prevention agencies and onboarding verification partners
- Publicly available sources including media, online registers, and directories (for enhanced due diligence and KYC purposes)
- Social media platforms where publicly available information is used for sanctions screening or anti-money laundering obligations
Why we process your data
We process your personal data on the following legal bases under the PDPA: contractual necessity, legal obligation, legitimate interests, substantial public interest, and consent.
Providing our services
- Verifying your identity and Accredited Investor status (KYC/AML/CFT obligations)
- Deciding whether to approve your application for products or services
- Facilitating introductions to licensed partners including LCPL and BNY Pershing
- Providing platform features: portfolio aggregation, performance reporting, document vault
- Processing account funding instructions, trade confirmations, and corporate actions
- Maintaining audit trails, regulatory recordkeeping, and compliance monitoring
- Providing client service, responding to queries, resolving complaints
- Recovering debt and exercising other rights under any agreement with you
Security and fraud prevention
- Preventing fraud, money laundering, financing of terrorism, and market abuse
- Conducting enhanced due diligence and sanctions screening
- Protecting the security of accounts and platform infrastructure
Marketing and personalisation
- Personalising your in-app experience and marketing messages about our products and services
- Providing information about partners' promotions or offers where you have agreed to receive these
- Measuring the effectiveness of our marketing and advertising campaigns
- Providing relevant advertising to you based on your use of the platform (where you have consented)
- Sharing data with advertising partners and social media platforms to deliver relevant ads (where you have consented)
Platform operations
- Troubleshooting, data analysis, testing, research, and statistical purposes
- Ensuring content is presented effectively for your device
- Improving the platform via aggregate, non-identifying analytics
- Keeping our website and app safe and secure
Legal and regulatory compliance
- Complying with legal, tax, regulatory, and court-order obligations
- Reporting to and cooperating with the Monetary Authority of Singapore, PDPC, and other regulatory or law enforcement bodies when legally required
Automated decisions
We may use technology to evaluate your personal circumstances and other factors to predict risks or outcomes. This is used for the efficient running of our services and to ensure decisions are fair, consistent, and based on accurate information. Where we make an automated decision that significantly affects you, you have the right to request that it is manually reviewed by a person. Contact us at privacy@keenaiglobal.com to exercise this right.
Cross-border transfers
Because Keenai operates in Singapore, India, Dubai, Australia, and the United States, and our custodian is based in the United States, your personal data may be transferred and processed outside Singapore. When we do so, we ensure the recipient provides a standard of protection at least comparable to the PDPA, through contractual safeguards, data-transfer agreements, or reliance on the recipient's own adequate legal regime.
How we protect your data
Keenai maintains the following technical and organisational controls, independently audited under our ISO 27001, ISO 27017, ISO 27018, and SG Cyber Safe certifications:
- Encryption in transit (TLS 1.2+) and at rest (AES-256)
- Role-based access with least-privilege principles
- Multi-factor authentication on staff and client accounts
- Segregated production environments with immutable audit logging
- Annual penetration testing and continuous vulnerability management
- Formal incident-response plan with regulator-notification workflow
- Staff training on data handling, phishing resistance, and confidentiality, refreshed annually
While we take all reasonable steps to ensure your personal data is kept secure, we cannot guarantee security during transmission. We use HTTPS (TLS) for all app, web, and payment-processing services. Please keep your account password or passphrase confidential and do not share it with anyone.
How long we keep your data
We retain personal data only as long as necessary for the purposes set out above, and for the minimum periods mandated by Singapore law. Typically:
- A minimum of five (5) years from the end of the client relationship for records supporting regulated financial services and AML obligations
- Seven (7) years where required by anti-money laundering or applicable financial laws
- Twenty-four (24) months for platform telemetry and usage data
We may retain data for longer because of a potential or ongoing court claim, or for another legal reason. Upon expiry of the applicable retention period, personal data is securely deleted or irreversibly anonymised.
Your rights under the PDPA
You have the following rights in respect of the personal data we hold about you:
| Right | What it means |
|---|---|
| Access | Request a copy of the personal data we hold about you |
| Correction | Ask us to correct inaccurate or incomplete personal data |
| Withdrawal of consent | Withdraw consent previously given for processing. Note: withdrawal may affect our ability to continue providing services |
| Data portability | Where technically feasible, receive your data in a machine-readable format |
| Opt out of marketing | Ask us to stop sending you marketing communications at any time via the app notification settings or by contacting us |
| Automated decision review | Request that any automated decision significantly affecting you is reviewed by a person |
| Account deletion | Request deletion of your Keenai account and associated personal data (subject to legal retention obligations) |
| Lodge a complaint | Complain directly to us, or to the Personal Data Protection Commission (PDPC) of Singapore at pdpc.gov.sg |
Requests should be addressed to our Data Protection Officer at privacy@keenaiglobal.com. We respond to verified requests within 30 days.
Account and data deletion
You may request deletion of your Keenai account and associated personal data by contacting privacy@keenaiglobal.com or through the account settings in the Keenai app. We will action verified deletion requests within 30 days, subject to our legal obligations to retain certain records under Singapore law, LCPL's regulated obligations, and anti-money laundering requirements (minimum five years from the end of the client relationship). Data required for legal compliance will be retained for the mandatory period before deletion.
How we use your data for marketing
If you sign up to our services and where national laws allow, we may contact you by post, push notification, email, and in-app message with information about our products and services. We will always make it clear how to stop receiving these communications.
We use your personal data in personalised marketing messages about our products and services so they are more relevant and interesting to you. This may include analysing how you use our products, services, and your transactions.
We may use your data for direct marketing purposes, including profiling, to make our marketing more relevant. You can object to this at any time using the in-app preferences or by contacting us directly.
If you do not want to receive personalised marketing communications, you can opt out through the in-app settings at any time.
We will not pass your details to any organisation outside the LCPL group for their marketing purposes without your explicit consent.
Updates to this policy
We may update this Privacy Policy from time to time. Material changes will be notified through the platform and by email to registered users at least 14 days before taking effect. The date at the top of this document reflects the most recent revision. We will also update this policy whenever we add new SDKs, change data collection practices, or in response to changes in applicable law or app store requirements.
Contact us
For any questions, requests, or concerns about this policy or how we handle your personal data:
- Data Protection Officer
- privacy@keenaiglobal.com
- Registered Address
- 16 Collyer Quay, #11-02 Collyer Quay Centre, Singapore - 049318
- PDPC Singapore
- pdpc.gov.sg
- Regulated services privacy
- See LCPL Privacy Notice (issued separately)
Important disclosure
LC Adroit Vantage Pte. Ltd. is a technology and information platform. It is not a licensed financial adviser. All regulated investment advisory, suitability assessment, and portfolio management services are provided by Lighthouse Canton Pte Ltd (CMS100443), a licensed capital markets services provider regulated by the Monetary Authority of Singapore. Please refer to the LCPL Privacy Notice for data processed in connection with regulated services.