Below you can find the Privacy Policy / Data Protection for TRUECHART PTE LTD and the use of this website. 
For Privacy Policies of specific products, see:

• SLICERBAR for Microsoft Power BI

PRIVACY POLICY 

Effective Date: 26th Feb. 2026 

This Privacy Policy (the “Policy”) sets out the basis on which TRUECHART Private Limited (UEN: 201915045C), a company incorporated under the laws of Singapore (“TRUECHART”, “we”, “us”, or “our”), collects, uses, discloses, retains, and otherwise processes personal data in connection with its software applications, software-as-a-service offerings (including, but not limited to TRUECHART and TRUECHART+), websites, platforms, and any related products or services (collectively, the “Services”). 

This Policy forms an integral part of, and must be read in conjunction with, TRUECHART’s General Terms and Conditions and End User License Agreement (collectively, the “Contractual Documents”), which govern the access to and use of the Services. In the event of any conflict or inconsistency between this Policy and any of the Contractual Documents, the provisions of the Contractual Documents shall prevail to the extent of such inconsistency. 

This Policy is drafted primarily to ensure compliance with the Personal Data Protection Act 2012 of Singapore, including all subsidiary legislation and guidelines issued thereunder (“PDPA”). To the extent applicable, and only where required by law, this Policy also reflects relevant principles of the EU General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”). 

1. SCOPE AND APPLICATION 

1.1. Scope of Personal Data Processing 

This Policy applies to all personal data collected, received, stored, or otherwise processed by TRUECHART in connection with the provision of its Services, including but not limited to: 

• the licensing, access, and use of TRUECHART software and SaaS subscriptions; 
• administration, management, and support of customer accounts, including billing, user provisioning, and customer service interactions; 
• access to, and communications through, TRUECHART websites, portals, and other online platforms; and 
• the provision, operation, maintenance, improvement, and security of the Services, including monitoring and analytics for performance, reliability, and security purposes. 

1.2. Target Audience and Data Subjects 

The Services are primarily provided to business entities and their authorized personnel (“Business Customers”). Accordingly, the personal data processed under this Policy may relate to a range of individuals, including but not limited to: 

• authorized users of the Services designated by Business Customers; 
• representatives, officers, employees, agents, or contractors of Business Customers; 
• prospective customers, business partners, or vendors; and 
• visitors to TRUECHART websites or online platforms who provide personal data voluntarily. 

1.3. Applicability to All Data Processing 

This Policy governs the processing of personal data in all operational contexts of TRUECHART’s business, regardless of whether the processing occurs electronically, digitally, or in paper-based form, and whether the Services are accessed from Singapore or other jurisdictions. 

1.4. Recruitment and Applicant Data 

TRUECHART may collect and process personal data relating to job applicants, candidates, interns, contractors, and other individuals who submit applications for employment or engagement with TRUECHART (collectively, “Applicants”).  Such personal data may include, without limitation: 

• Identification and contact details (e.g., name, residential address, telephone number, email address); 
• Curriculum vitae (CV), resumes, employment history, educational background, professional qualifications, certifications, and references; 
• Information provided during interviews, assessments, background checks, or evaluation processes; 
• Work authorization status and eligibility documentation; and 
• Any other information voluntarily submitted by the Applicant in connection with the recruitment process. 

Applicant personal data is collected and processed solely for legitimate recruitment and human resource purposes, including: 

• Evaluating suitability for current or future employment or engagement opportunities; 
• Conducting interviews, assessments and reference checks; 
• Verifying qualifications, experience, and work eligibility; 
• Communicating with Applicants regarding their applications; 
• Complying with applicable legal, regulatory and employment obligations. 

Where required under the Personal Data Protection Act 2012 (“PDPA”), processing of Applicant data shall be based on consent or deemed consent arising from the voluntary submission of application materials. 

Applicant personal data shall be retained only for as long as reasonably necessary to fulfill the recruitment purposes described above or as required by applicable law. Unsuccessful applications may be retained for a reasonable period for consideration of future roles, unless the Applicant withdraws consent or requests deletion, subject to legal retention requirements. 

TRUECHART shall implement appropriate technical and organizational measures to protect Applicant personal data in accordance with Section 7 (Data Security) of this Policy. 

2. PERSONAL DATA WE COLLECT 

2.1. Categories of Personal Data 

Depending on the nature of the relationship with TRUECHART and the Services used, TRUECHART may collect, process, and store the following categories of personal data from Business Customers, authorized users, prospects, vendors, and website visitors: 

• Account and Contact Information: full name, business email address, telephone number, job title, company or organizational affiliation, and other business contact details necessary to administer accounts or provide Services; 
• User Credentials and Authentication Data: usernames, passwords, access identifiers, authentication logs, and related security information necessary to control access to TRUECHART software or SaaS subscriptions; 
• Usage and Technical Information: IP addresses, device identifiers, browser type, operating system, log files, access timestamps, and usage metrics collected to monitor, maintain, and optimize the performance, security, and reliability of the Services; 
• Support and Communication Records: information exchanged in customer support interactions, including emails, chat records, meeting notes, service requests, and feedback; 
• Billing and Commercial Information: invoicing and payment contacts, billing addresses, subscription or licensing status, and payment records (excluding full credit card details, which are not stored by TRUECHART); and 
• Website and Online Platform Data: cookies, analytics data, and similar technologies used to improve user experience, measure website performance, and provide personalized content. 

2.2. Sensitive Personal Data 

TRUECHART does not intentionally collect or process sensitive personal data (such as racial or ethnic origin, health information, religious or political beliefs, or trade union membership) except to the extent strictly necessary for the Services and expressly authorized in writing by the Customer, in accordance with the usage restrictions and terms set forth in the EULA. 

2.3. Scope of Collection 

Personal data is collected only to the extent necessary for the legitimate business purposes described in this Policy, and all collection, storage, and processing activities are conducted in compliance with applicable data protection laws, including the Singapore PDPA and where applicable, the EU GDPR. 

3. PURPOSE OF PROCESSING 

3.1. Legitimate Business Purposes 

TRUECHART processes personal data solely for legitimate business purposes directly related to the provision, operation, and management of its software products, SaaS services (including TRUECHART+), websites, and related Services. Such purposes include, without limitation: 

• Provision and Maintenance of Services: enabling access to, operating, and maintaining the Services, including installation, configuration, updates, and technical support; 
• User Authentication and Access Management: managing user accounts, access credentials, license validation, and authorization controls in accordance with the EULA and applicable order forms; 
• Customer Support and Service Communications: responding to inquiries, providing training, delivering onboarding assistance, and maintaining ongoing communications regarding Services; 
• Billing and Contract Administration: generating invoices, processing payments, managing subscriptions or licenses, and performing other administrative and contractual obligations; 
• Security, Audit and Compliance: monitoring access and usage to ensure data security, detect unauthorized activity, enforce contractual obligations, and comply with legal, regulatory, or internal audit requirements; 
• Product and Service Improvement: analyzing aggregated, anonymized, or pseudonymized data to optimize performance, enhance functionality, develop new features, and support service analytics, research, and innovation; and 
• Legal, Regulatory and Risk Management: fulfilling obligations under applicable law, regulatory requirements, and risk management policies, including dispute resolution and enforcement of rights under the GTCs and EULA. 

3.2. Restrictions on Use 

TRUECHART does not use personal data for advertising profiling, marketing to third parties, or commercial resale. Personal data is processed strictly in accordance with the purposes set forth herein and with the Customer’s explicit authorization where required. 

3.3. Consistency with Contractual Terms 

All processing of personal data is conducted in strict accordance with the obligations and rights set forth in the GTCs, EULA, and any applicable Data Processing Addendum, ensuring alignment with contractual commitments, including audit rights, confidentiality, and data security standards. 

4. LEGAL BASIS AND CONSENT (PDPA) 

4.1. Legal Basis for Processing 

In accordance with the Singapore Personal Data Protection Act 2012 (“PDPA”), TRUECHART processes personal data only when a valid legal basis exists, including, without limitation: 

• Consent: processing based on the individual’s explicit or deemed consent, including consent implied or necessary for the performance of contractual obligations under the GTCs, EULA, or relevant order forms; 
• Legitimate Business Purposes: processing that is reasonably necessary for the provision, operation, maintenance, and administration of the Services, including account management, license validation, support, billing, and security measures; 
• Legal Obligations: processing required to comply with applicable laws, regulations, regulatory requests, court orders, or other mandatory legal or governmental obligations. 

4.2. Withdrawal of Consent 

Where processing is based on consent, individuals may withdraw such consent at any time by following the procedures set out in Section 9 (Access, Correction, and Withdrawal of Consent) of this Policy. Withdrawal of consent shall not affect the lawfulness of processing prior to such withdrawal and may be subject to contractual or legal limitations, including obligations to maintain access to or use of the Services under the GTCs and EULA. 

4.3. Consistency with Contractual and Regulatory Obligations 

All processing based on consent or other legal bases is conducted in strict compliance with the PDPA, applicable contractual obligations under the GTCs and EULA, and any relevant Data Processing Addendum. TRUECHART shall ensure that personal data is collected, used, disclosed and retained only to the extent necessary to fulfill the stated purposes. 

5. DISCLOSURE OF PERSONAL DATA 

5.1. Permitted Recipients 

TRUECHART may disclose personal data strictly on a need-to-know basis and solely for purposes consistent with this Policy, the GTCs, and the EULA, including, without limitation, to: 

• Affiliates within the HICO Group, including HICO Group AG, HighCoordination GmbH, and HICO SA Pty Ltd. for operational, administrative, technical support, service delivery, and compliance purposes; 
• Hosting and infrastructure providers, such as Kamatera, engaged in the provision, maintenance, or support of SaaS services, including TRUECHART+; 
• Subprocessors and service providers, including IT support, cloud and analytics services, professional advisors, auditors, and other service providers that perform functions on TRUECHART’s behalf; 
• Regulatory authorities, courts, or governmental bodies, where disclosure is required by applicable law, regulation, or legal process. 

5.2. Obligations of Recipients 

All recipients of personal data are contractually required to maintain confidentiality, implement appropriate technical and organizational measures, and process personal data only in accordance with the purposes set forth in this Policy, the GTCs, and the EULA. TRUECHART shall remain responsible for any processing carried out by its affiliates, subprocessors, or service providers, to the extent required under applicable data protection laws, including the Singapore PDPA and where applicable, the EU GDPR. 

5.3. Limitations on Further Disclosure 

TRUECHART does not sell, trade, or otherwise make personal data available to unrelated third parties for marketing or commercial purposes. Any disclosure beyond the categories identified herein shall require express consent from the data subject or be required by law. 

6. CROSS-BORDER TRANSFERS 

6.1. Transfers Outside Singapore 

TRUECHART may transfer personal data to recipients located outside Singapore where such transfer is necessary for the provision, operation, or support of the Services, including SaaS offerings such as TRUECHART+. 

6.2. Safeguards and Legal Compliance 

In all cross-border transfers, TRUECHART shall ensure that: 

• The recipient is legally obligated to maintain a level of data protection that is at least equivalent to the protection afforded under the Singapore Personal Data Protection Act 2012 (“PDPA”); or 
• Appropriate contractual arrangements, technical measures and organizational safeguards are implemented to ensure that personal data remains secure and processed solely for purposes consistent with this Policy, the GTCs, and the EULA. 

6.3. Transfers Involving the European Union (EU) 

For personal data originating from the European Union or European Economic Area, TRUECHART shall implement GDPR-compliant transfer mechanisms, including, but not limited to, the use of Standard Contractual Clauses approved by the European Commission or other legally recognized safeguards, where required. 

6.4. Responsibility and Accountability 

TRUECHART remains fully responsible for the protection of personal data during any cross-border transfer, including any processing carried out by affiliates, subprocessors, or other third parties involved in delivering the Services. 

7. DATA SECURITY 

7.1. General Security Measures 

TRUECHART shall implement and maintain technical, administrative, and organizational measures that are appropriate to the nature, scope, context, and purposes of processing personal data, and proportional to the risks of accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. 

7.2. Specific Measures 

Such measures include, without limitation: 

• Strict access controls and role-based permissions to ensure that only authorized personnel may access personal data; 
• Encryption of personal data in transit and, where applicable, at rest, consistent with industry-standard practices; 
• Deployment of secure hosting and infrastructure environments, including physical, network, and application security; 
• Comprehensive logging, monitoring, and incident detection procedures to promptly identify and respond to security events; 
• Periodic security assessments, vulnerability testing, and remediation of identified risks in accordance with best practices. 

7.3. Alignment with GTCs and EULA 

All security measures implemented by TRUECHART are consistent with the obligations set forth in the General Terms and Conditions (GTCs) and the End User License Agreement (EULA), including any Service Level Agreements (SLAs) relating to SaaS operations. 

7.4. Continuous Improvement 

TRUECHART shall regularly review and update its security policies, procedures, and technical measures to ensure ongoing compliance with applicable data protection laws, including the Singapore PDPA and, where applicable, the EU GDPR. 

8. DATA RETENTION 

8.1. Retention Principles 

TRUECHART shall retain personal data only for as long as is necessary to achieve the purposes for which the data was collected, or as otherwise required by applicable law, regulation, or contractual obligations. Retention periods shall be reasonable and documented in accordance with internal policies and applicable legal requirements. 

8.2. Retention Purposes 

Personal data may be retained to the extent necessary for: 

• The performance and enforcement of contractual obligations under the GTCs, EULA and related agreements; 
• Compliance with legal, regulatory, and statutory obligations applicable in Singapore, the European Union, or other relevant jurisdictions; 
• The establishment, exercise, or defense of legal claims, dispute resolution, or audit purposes; 
• Any other legitimate business purpose, provided such retention is proportional and does not conflict with applicable data protection laws. 

8.3. Deletion or Anonymization 

Upon expiration or termination of SaaS subscriptions or other Services, Customer Data shall be securely deleted or anonymized in accordance with the procedures set forth in the EULA and any applicable contractual agreements, unless retention is explicitly required by law or regulatory obligations. 

8.4. Documentation and Review 

TRUECHART shall maintain records of retention periods and regularly review stored personal data to ensure timely deletion or anonymization in compliance with this Policy, the PDPA and where applicable, the GDPR. 

9. INDIVIDUAL RIGHTS 

9.1. Rights Overview 

Subject to applicable law, including the Singapore Personal Data Protection Act 2012 (“PDPA”) and, where relevant, the EU General Data Protection Regulation (“GDPR”), individuals whose personal data is processed by TRUECHART (including authorized users, customer representatives, and website visitors) are entitled to exercise the following rights: 

• Access: The right to request confirmation of whether personal data concerning them is being processed and to obtain a copy of such data. 
• Correction: The right to request correction of personal data that is inaccurate, incomplete, or misleading. 
• Consent Withdrawal: The right to withdraw previously provided consent for processing, to the extent that processing is based on consent and is not otherwise required to fulfill contractual or legal obligations. 

9.2. Submission of Requests 

Individuals may exercise their rights by submitting a request to TRUECHART’s Data Protection Officer (DPO) using the contact details provided in Section 13 of this Policy. Requests should include sufficient information to allow TRUECHART to verify the identity of the requester and to locate the relevant personal data. 

9.3. Limitations and Exceptions 

TRUECHART may refuse, limit, or defer a request to the extent permitted or required by applicable law, including where: 

• Processing is necessary to perform contractual obligations under the GTCs, EULA, or related agreements; 
• Compliance would unreasonably affect the rights or freedoms of others; 
• Retention or continued processing is required by law, regulation, or for the establishment, exercise, or defense of legal claims; 
• Requests are manifestly unfounded, excessive, or repetitive. 

9.4. Response Period 

TRUECHART shall respond to valid requests in accordance with statutory timelines under the PDPA and, where applicable, the GDPR, taking into account the nature of the request and the complexity of the processing activities involved. 

10. COOKIES AND WEBSITE ANALYTICS 

10.1. Use of Cookies and Similar Technologies 

TRUECHART websites, applications, and online services may employ cookies, web beacons, pixels, and other similar tracking technologies (“Cookies”) for purposes including, but not limited to: 

• Ensuring proper functionality and user experience of the website and Services; 
• Security and fraud prevention; 
• Performance monitoring, usage analytics, and service improvement; 
• Measuring and optimizing marketing and engagement activities. 

10.2. User Control and Preferences 

Users may manage, restrict, or disable Cookies through their web browser settings or other available tools. Disabling certain Cookies may impact the functionality of the website or access to some Services. 

10.3. Separate Cookie Notice 

Detailed information regarding the types of Cookies used, purposes, retention periods, and third-party providers may be provided in a separate Cookie Notice or similar disclosure, which forms an integral part of this Policy. 

10.4. Compliance 

TRUECHART ensures that all Cookies and analytics practices are implemented in accordance with applicable data protection and privacy laws, including the PDPA and, where applicable, the GDPR, and that user consent is obtained where legally required. 

11. THIRD-PARTY LINKS AND SERVICES 

11.1. Third-Party Content and Services 

The Services may include hyperlinks, advertisements, or references to websites, applications, or services operated by third parties (“Third-Party Services”). Such links are provided for convenience only and do not constitute endorsement, sponsorship, or affiliation by TRUECHART. 

11.2. Limitation of Liability 

TRUECHART does not exercise control over, and shall not be responsible or liable for, the content, privacy practices, or data handling policies of any Third-Party Services. Accessing such Third-Party Services is done at the user’s own risk. 

11.3. User Responsibility 

Users are strongly encouraged to independently review the privacy policies, terms of use, and other relevant agreements of Third-Party Services before providing any personal data or interacting with such services. 

11.4. No Data Sharing Obligation 

TRUECHART is not responsible for any personal data collected, processed, or disclosed by Third-Party Services, and this Policy does not govern such practices. 

12. DATA BREACH NOTIFICATION 

12.1. Incident Response 

In the event of any unauthorized access, disclosure, loss, or other compromise of personal data (“Data Breach”), TRUECHART shall promptly initiate an investigation and take reasonable and appropriate measures to contain, mitigate, and remediate the incident in accordance with its internal incident response procedures and applicable law. 

12.2. Notification to Affected Parties 

Where a Data Breach involves personal data of Customers or their end-users, TRUECHART shall provide notification to affected parties in accordance with the Singapore Personal Data Protection Act 2012 (“PDPA”) and any other applicable laws or regulations. Such notification shall be made without undue delay and shall include sufficient details to enable the affected parties to take protective measures. 

12.3. Regulatory Cooperation 

TRUECHART shall cooperate with Customers, including providing reasonable assistance, information, and documentation, to enable Customers to fulfill their regulatory reporting and notification obligations under applicable data protection laws. 

12.4. Limitation of Liability 

Notification and mitigation obligations under this clause are subject to the limitations of liability, terms, and disclaimers set forth in the TRUECHART General Terms and Conditions and the EULA, and nothing herein shall be construed as creating additional contractual obligations beyond those established therein. 

13. DATA PROTECTION OFFICER AND CONTACT INFORMATION 

13.1. Appointment 

TRUECHART has appointed a Data Protection Officer (“DPO”) responsible for overseeing compliance with this Privacy Policy, the PDPA, applicable GDPR provisions and other relevant data protection laws. The DPO acts as the primary point of contact for all matters relating to the processing of personal data under the Services. 

13.2. Responsibilities 

The DPO is responsible for, among other things: 

• Monitoring and advising on TRUECHART’s data protection obligations; 
• Handling requests from individuals concerning access, correction, or withdrawal of consent; 
• Responding to inquiries and complaints regarding personal data processing; 
• Coordinating with regulatory authorities where required; and 
• Supporting internal compliance audits and incident response efforts. 

13.3. Contact Information 

Individuals and Customers may contact the DPO for any data protection or privacy-related inquiries, requests, or concerns at: 

Email: info@truechart.com 

13.4. Response Commitment 

TRUECHART will use reasonable efforts to respond to all inquiries or requests directed to the DPO in a timely manner, in accordance with applicable legal obligations. 

14. UPDATES AND AMENDMENTS 

14.1. Right to Amend 

TRUECHART reserves the right to modify, update, or amend this Privacy Policy at any time to reflect changes in legal, regulatory, or operational requirements, or to improve clarity regarding its data processing practices. 

14.2. Notification of Material Changes 

Where changes are material, TRUECHART will take reasonable steps to notify Customers and affected individuals through appropriate communication channels, which may include email, website announcements, or in-product notifications. 

14.3. Effect of Continued Use 

Continued access to or use of the Services following the publication of an updated Privacy Policy constitutes acknowledgment and acceptance of the revised terms. Individuals who do not agree with the updated Policy should cease using the Services and may contact TRUECHART for guidance regarding their personal data. 

14.4. Review Responsibility 

It is the responsibility of Customers and users to periodically review this Privacy Policy to remain informed of any updates or amendments. 

15. GOVERNING LAW 

15.1. Applicable Law 

This Privacy Policy, including all rights, obligations, and interpretations hereunder, shall be governed by and construed in accordance with the laws of Singapore, as applicable to TRUECHART Private Limited, without regard to its conflict of law provisions. 

15.2. Mandatory Data Protection Laws 

Nothing in this Privacy Policy shall derogate from or limit the applicability of mandatory data protection or privacy laws applicable to the Customer or individual, including but not limited to the Singapore Personal Data Protection Act 2012 (PDPA) and, where applicable, the EU General Data Protection Regulation (GDPR). 

15.3. Supremacy of Law 

In the event of any inconsistency between the provisions of this Policy and applicable mandatory data protection laws, such mandatory provisions shall prevail to the extent required by law.