1. Definitions and Interpretation
1.1 The PDPA defines “personal data” as “data, whether true or not, about an individual who can be identified — (a) from the data; or (b) from the data and other information to which the organization has or is likely to have access”. Some examples of personal data include NRIC number, residential address, email address, telephone number, date of birth and bank account number.
1.2 Any reference to “you” or “your” includes any person who has been authorized to represent you and/or disclose your personal data to us.
1.3 Any reference to “person” includes any natural person or firm, corporation, partnership, association, trust, society or other entity.
1.4 Unless the context otherwise requires, references to the singular shall include references to the plural and vice versa, and the use of any gender shall include all genders. References to “clauses” are to clauses of this PP.
2. Collection, use and disclosure of personal data
2.1 By engaging our services and accepting our terms and conditions, you consent to the collection, use and disclosure of your personal data for the purposes of and to such persons as listed in clauses 2.2 and 2.3 (“Collection of Your Personal Data”). If you do not consent to our Collection of Your Personal Data, we might be unable to provide some or all of the services for which you have engaged us to provide.
2.2 We may collect and use your personal data for any or all of the following purposes:
(a) communicating with you;
(b) verifying your identity;
(c) for the performance of any obligations in the course of or in connection with the provision of services to you;
(d) any purposes which might be legally required of us; or
(e) any additional purposes for which you consent to us collecting and/or using your personal data.
2.3 We may disclose your personal data:
(a) where such disclosure is required for performing obligations in the course of or in connection with our provision of services requested by you;
(b) to third party(ies) we have engaged to perform any obligations in the course of or in connection with our provision of services requested by you;
(c) to any relevant Singapore government regulators, statutory bodies, authorities, or Singapore law enforcement agencies to comply with any laws, rules, guidelines and regulations or schemes imposed by any Singapore governmental authority; or
(d) any other party to whom you authorize us to disclose your personal data.
2.4 The purposes listed in the clauses 2.2 and 2.3 may continue to apply even in situations where your relationship with us has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).
3. Updating or correcting your Personal Data
We rely on the personal data provided by you. In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data in the manner instructed by your attending solicitor.
4. Withdrawal of consent
4.1 If you wish to withdraw your consent to our Collection of Your Personal Data, you must inform our Data Protection Officer in writing by email at the contact details stated at clause 9 (“Written Notification”). No other method of withdrawal of consent will be accepted as a valid notification of our Data Protection Officer. If you decide to cancel your withdrawal of consent, please inform our Data Protection Officer in writing by email at the contact details stated at clause 9.
4.2 Upon receipt of your Written Notification, we will require 14 days for your request to be processed. We will also inform you, before completing the processing of your request, what services (if any) we will no longer be able to perform for you.
4.3 Please note that withdrawing your consent does not affect our right to continue to collect, use and disclose personal data where such collection, use and disclosure without consent is permitted or required under applicable laws, rules or regulations.
5. Access to Personal Data
5.1 If you wish to access a copy of your personal data or information about the ways in which your personal data is used and/or disclosed, you may submit a request (“Access Request”) in writing via email to our Data Protection Officer at the contact details stated at clause 9. We will respond to your Access Request as soon as we can, but in any case no later than 30 days from the day our Data Protection Officer receives your Access Request. If we are unable to accede to your Access Request, we will inform you of the reasons why unless we are not required to do so under the PDPA.
5.2 Please note that a reasonable fee may be charged for an Access Request. We will inform you of the fee before processing your Access Request.
6. Protection of Personal Data
6.1 To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate measures such as encryption to secure all storage and transmission of personal data by us, and disclosing personal data both internally and to authorized 3rd parties only on a need-to-know basis.
6.2 However, as no method of transmission over the Internet, or electronic storage is completely secure, we are constantly reviewing and enhancing our information security measures to ensure your personal data is protected.
7. Retention of Personal Data
We may retain your personal data for as long as necessary to fulfil the purpose(s) for which it was collected, or as required or permitted by applicable laws. We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purpose for which the personal data was collected, and is no longer necessary for legal or business purposes.
8. Transfer of Personal Data outside Singapore
We generally do not transfer your personal data to countries outside of Singapore unless specifically instructed by you and/or where necessary for the purposes set out at clauses 2.2 and 2.3. Where we transfer your personal data outside Singapore, we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.
9. Data Protection Officer
You may contact our Data Protection Officer if you have any enquiries, complaints or feedback on our personal data protection policies and procedures, or if you wish to make an Access Request, at DPO@attorneys.com.sg.
10.1 This PP applies in conjunction with any other letters, terms and conditions, notices, contractual clauses and consent clauses that apply in relation to your personal data.
10.2 We may revise this PP from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this PP was last updated. Your continued use of our services constitutes your acknowledgement and acceptance of such changes.
Last updated: 24 June 2019