Skip to content
    Skip to main content
    Lyoen & Partners
    PARRYPARRY
    Register now

    Privacy Policy

    Privacy Policy — getparry.com

    Last updated: April 23, 2026

    Who We Are

    This Privacy Policy explains how Lyoen and Partners Limited ("L&P", "we", "our" or "us"), a company registered in Hong Kong at Unit B, 11/F Yam Tze Commercial Building, 23 Thomson Road, Wan Chai, Hong Kong, collects, uses and protects your personal data when you visit getparry.com (the "Website").

    L&P is the data controller responsible for the personal data collected through this Website. PARRY is a product of L&P — references to "PARRY" in this policy refer to the PARRY product and brand, not to a separate legal entity.

    Our Data Protection Officer can be contacted at: privacy@lyoenandpartners.com

    For any questions regarding this Privacy Policy, your personal data, or to exercise your data subject rights, please contact us at the same address.

    Scope

    This Privacy Policy covers only the Website (getparry.com) in its capacity as a public-facing product information site and contact platform for PARRY.

    It does not cover:

    • The PARRY web application at app.getparry.com, which is governed by a separate privacy policy provided at the point of account creation. When you leave getparry.com to create or use an account on the web application, the privacy policy of that application will apply from that point forward.
    • The lyoenandpartners.com website, which publishes L&P's consulting service information, the BOS Diagnostic, weekly governance insights and a newsletter subscription. That website is governed by a separate privacy policy.

    Information We Collect

    1. Contact Form Submissions

    When you submit the Website's contact form, you voluntarily provide:

    • Your name;
    • Your work email address;
    • Optionally, a phone or messaging identifier (e.g. WhatsApp number, LINE ID);
    • A message describing your enquiry or request;
    • A topic or category selection for routing.

    2. Feedback Drawer Submissions

    When you submit feedback through the Website's feedback drawer, you voluntarily provide:

    • Short structured responses (ratings and free-text) regarding the Website and the PARRY product;
    • Optionally, contact details you choose to include for follow-up.

    3. Browser and Analytics Data

    When you visit the Website, we automatically collect certain technical information through cookies and analytics tools, including: your IP address, browser type and version, device type, approximate geographic location (derived from IP address), pages visited and time spent, and referral source. This data is collected through Google Analytics and through our hosting platform's built-in analytics for the purposes described below.

    4. Cookies and Consent Preferences

    When you first visit the Website, a cookie consent banner is displayed, allowing you to accept or decline non-essential cookies before they are placed on your device. We record your consent choice in a strictly necessary cookie so that your preference is respected on subsequent visits.

    You may update your cookie preferences at any time via the cookie settings accessible from the Website footer. Details of individual cookies, their providers and expiry periods are set out in the Cookie Policy.

    How We Use Your Information

    Contact Form Submissions

    We use the information you provide in the contact form to:

    • Respond to your enquiry or request;
    • Where you request it, initiate access to the PARRY web application;
    • Keep a reasonable record of enquiries received for operational and audit purposes.

    We do not use contact form data for unsolicited marketing. We do not sell, rent or trade your contact information with third parties.

    Feedback Drawer Submissions

    We use feedback drawer data to improve the Website, the PARRY product and our communications. Free-text feedback may be reviewed internally or by L&P's sub-processors acting on our instructions. Feedback is treated as L&P intellectual property pursuant to the Terms of Service.

    Browser and Analytics Data

    We use analytics data in aggregate to understand Website traffic, improve content relevance and diagnose technical issues. We do not use browser data to build individual user profiles or to target advertising.

    Legal Basis for Processing

    We process your personal data on the following legal grounds:

    • Consent. Analytics cookies and any processing that is not strictly necessary for the Website to function are placed only after you give consent via the cookie banner. You may withdraw consent at any time via the cookie settings.
    • Legitimate interest. We process contact form data based on our legitimate interest in responding to enquiries, qualifying business-to-business contacts and operating a customer support function. This processing is proportionate, expected by individuals who submit an enquiry, and does not override your rights.
    • Legitimate interest. We process feedback drawer data based on our legitimate interest in improving the Website and the PARRY product. This processing is proportionate and expected.
    • Legal obligation. Where we are required to retain or disclose personal data to comply with applicable law, we process on that basis.

    Data Retention

    | Data category | Retention period | |---|---| | Contact form submissions (name, email, phone/messaging ID, message, topic) | 24 months from date of last interaction, unless you have been onboarded as a PARRY user (in which case the web application privacy policy applies) | | Feedback drawer submissions | 24 months from date of submission | | Browser and analytics data | Up to 14 months (Google Analytics default); aggregated hosting-platform analytics retained for the duration of our use of that platform | | Cookie consent record | 12 months |

    After the applicable retention period, personal data is deleted or anonymised. You may request earlier deletion by exercising your rights below.

    Who We Share Your Data With

    We do not sell or share your personal data with third parties for their marketing purposes. We share data only with the following service providers (sub-processors), who process data on our behalf under contractual obligations to protect your information:

    | Sub-processor | Purpose | Data processed | Hosting location | |---|---|---|---| | Supabase | Website hosting, database, authentication | Contact form submissions, feedback submissions, session data | Singapore (ap-southeast-1) | | Google Analytics (Google LLC) | Website analytics | Browser data, usage patterns (anonymised) | United States | | Resend | Transactional email delivery (replies, confirmations) | Email addresses, message content | United States |

    We require all sub-processors to maintain appropriate technical and organisational measures to protect your personal data and to process it only in accordance with our instructions.

    International Data Transfers

    Your personal data may be transferred to, and processed in, countries outside your country of residence:

    • Singapore — for hosting, database and authentication services provided by Supabase (ap-southeast-1 region);
    • United States — for analytics (Google LLC) and transactional email delivery (Resend).

    Where such transfers occur, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission (where required under the GDPR or UK GDPR) and the corresponding safeguards required under the Thailand PDPA, the Vietnam PDPD and the Hong Kong PDPO.

    Google LLC is certified under the EU–US Data Privacy Framework, providing an additional layer of assurance for analytics data transferred to the United States under Google Analytics.

    Singapore provides a comparable statutory framework for the protection of personal data under the Personal Data Protection Act 2012 ("PDPA Singapore"). For transfers of EU or UK personal data to Singapore, we rely on Standard Contractual Clauses to ensure GDPR-equivalent protection.

    AI-Assisted Content

    Some content on the Website (for example, product descriptions or summaries) may be produced with the assistance of artificial intelligence. Such content is labelled in accordance with applicable transparency obligations, including the EU AI Act (Regulation 2024/1689). No personal data from Website visitors is used as input to generate any AI-assisted content on this Website.

    The PARRY web application at app.getparry.com uses AI in its core functionality and is governed by the separate privacy policy applicable to that application.

    Your Rights

    Depending on your location and applicable law, you have the following rights regarding your personal data:

    • Access. You may request confirmation of whether we process your personal data and a copy of that data.
    • Rectification. You may request correction of inaccurate or incomplete personal data.
    • Erasure. You may request deletion of your personal data where there is no compelling reason for continued processing.
    • Restriction. You may request that we restrict the processing of your personal data in certain circumstances.
    • Data portability. You may request export of your personal data in a structured, commonly used and machine-readable format.
    • Objection. Where we process your data based on legitimate interest, you may object to such processing. We will cease processing unless we demonstrate compelling legitimate grounds.
    • Withdrawal of consent. Where processing is based on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.
    • Complaint. You have the right to lodge a complaint with a supervisory authority in your jurisdiction — for example, the relevant Data Protection Authority in the European Economic Area, the Personal Data Protection Committee in Thailand, or the Office of the Privacy Commissioner for Personal Data in Hong Kong.

    To exercise any of these rights, please contact our Data Protection Officer at: privacy@lyoenandpartners.com

    We will respond to your request within 30 days. We may ask you to verify your identity before processing your request.

    Data Security

    We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure or destruction. These measures include encryption in transit (TLS), access controls, and regular review of our security practices. No method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.

    Children

    The Website is not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

    Changes to This Policy

    We may update this Privacy Policy from time to time. The "Last updated" date at the top indicates the most recent revision. We encourage you to review this page periodically. Material changes will be communicated through the Website.

    Applicable Regulations

    This Privacy Policy is designed to comply with applicable data protection laws, including:

    • The General Data Protection Regulation (EU) 2016/679 ("GDPR") and the UK GDPR
    • The Hong Kong Personal Data (Privacy) Ordinance (Cap. 486) ("PDPO")
    • The Thailand Personal Data Protection Act B.E. 2562 (2019) ("PDPA")
    • The Vietnam Personal Data Protection Decree 13/2023/ND-CP ("PDPD")
    • The EU Artificial Intelligence Act (Regulation 2024/1689), with respect to transparency obligations for AI-assisted content

    Where there is any conflict between applicable laws, we apply the standard that provides the highest level of protection for your personal data.

    Contact

    Lyoen and Partners Limited Unit B, 11/F Yam Tze Commercial Building 23 Thomson Road, Wan Chai Hong Kong

    Data Protection Officer: privacy@lyoenandpartners.com

    We use cookies to improve your experience. cookie policy or Privacy Policy