The protection and privacy of our client’s personal data is of utmost importance to Yuen Law LLC. We respect the privacy of all personal information and data we receive from you and will ensure compliance to the personal data protection laws of Singapore and the strictest of security and confidentiality standards.
This personal data protection policy (“Policy”) set outs out the basis upon which Yuen Law LLC (“we”, “us” or “our”) may collect, use, disclose or otherwise process personal data of our clients and prospective clients (collectively referred to as “clients”) in accordance with the Personal Data Protection Act (“PDPA”). The PDPA generally does not apply to business contact information, such as an individual’s name, position name or title, business telephone number, business address, business email and similar information about an individual, which is not provided by the individual solely for his personal purpose. We reserve the right to update, amend or make changes this Policy at any time to conform to new laws and regulations of changes in business standards. All policy changes shall be posted on this page.
1. PERSONAL DATA
We collect personal data and confidential information from our clients when they engage our legal and professional services or inquire with us for a potential engagement of our legal and professional services. This “personal data” refers to (a) any data, whether true or not, about an individual who can be identified from that data, or (b) from that data and other information to which we have or are likely to have access to, including data in our records as may be updated from time to time. Depending on the nature of your interactions with us, personal data which we collect will include, but may not be limited to the following information:
a. your name or alias, gender, NRIC/FIN or passport number, date of birth, nationality and country and city of birth;
b. your contact details, such as your mailing address, telephone numbers, email addresses and any other contact details;
c. your financial data, such as billings and mode of payment; and
d. if you contact us, records of correspondence between ourselves and you.
We generally do not collect personal data unless (a) it is provided to us voluntarily by you directly or via a third party who has been duly authorised by you to disclose your personal data to us (your “authorised representative”) after (i) you (or your authorised representative) have been notified of the purposes for which the data is collected, and (ii) you (or your authorised representative) have provided written consent to the collection and usage of your personal data for those purposes, or (b) collection and use of personal data without consent is permitted or required by the PDPA or other laws. We shall seek your consent before collecting any additional personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorised by law).
Please ensure that you speak to others before providing their personal data to us. Kindly inform them that our collection, use and disclosure of their personal data is solely for the purposes in paragraph 3 of this Policy. You are responsible for ensuring that any others whose personal data you provide us with consents to our collection, use and disclosure of their personal data for the purposes set out in this Policy statement.
2. COLLECTION, USE, DISCLOSURE OF PERSONAL DATA
Your personal data is collected and used by us for the following purposes;
a. to manage and administer our relationship with you (which includes, verifying your identity, carrying out mandatory client due diligence checks and processing payments);
b. performing our obligations under or in connection with our engagement and providing legal and professional services to you in the ordinary course of our work;
c. responding to, process and handling your queries, requests, complaints and other inputs;
d. providing you with information, products or services that you request from us;
e. facilitating our compliance with any applicable laws, regulations, codes of practice, guidelines, or rules which may be applicable to us, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory authority; and
f. carrying out whatever else is reasonable or related to or in connection with the above and our provision of our services.
We may disclose your personal data to third parties where necessary for the following purposes:
a. where such disclosure is required for performing obligations in the course of or in connection with our engagement; or
b. to third party service providers, agents and other organisations we have engaged to perform any of the functions with reference to the abovementioned purposes.
The purposes listed in the above clauses may continue to apply even in situations where your engagement with us has concluded or has been terminated or altered in any way, for a reasonable period thereafter (including, where applicable, a period to enable us to enforce our rights under any contract with you).
3. ACCESS TO AND CORRECTION OF PERSONAL DATA
Should you wish to make an access request for a copy of the personal data which we hold about your or have any queries concerning your personal data has been or may be used or disclosed, or correct and / or update your personal data in our records, please drop our Data Protection Officer the contact details provided below, stating the following details:
a. your full name; and
b. a description of the nature of your request.
We will review your request and respond to you within 14 days. Please note that we will be imposing an administrative fee of S$10 for each access.
4. ACCURACY OF PERSONAL DATA
We endeavour to ensure that all decisions involving your personal data are based upon accurate and timely information. While we will do our best to base our decisions on accurate information, we rely on you to disclose all relevant information and to inform us of any significant changes. As such, you are kindly requested to disclose all relevant information, inform us of any changes and to ensure that all your personal data that is submitted to us is current, complete and accurate.
5. PROTECTION OF PERSONAL DATA
Your personal data (both in physical and electronic forms) are maintained securely in our system and protected against unauthorised access, alteration or disclosure. We have implemented administrative, physical and technical measures which are appropriate and proportionate to safeguard, protect and secure your personal data.
These measures include the following:
a. only authorised employees and/or staff members have access to your personal data;
b. our computer systems have up-to-date antivirus protection, securely erase storage media in devices before disposals, and we use SSL to encrypt personal data transmitted from our website;
c. periodic security review are performed;
d. any disclosure and/or transfer of your personal data to authorised third party service providers and agents shall be carried out in accordance with this Policy. Where any proposed disclosure and/or transfer of your personal data is intended to take place outside the scope of this Policy, your prior written consent will be obtained.
6. RETENTION OF PERSONAL DATA
We may retain your personal data for so long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws.
We do not retain your Personal Data longer than is necessary for the purposes which the Personal Data is used or to be used. Unless you agree otherwise, we shall retain your Personal Data for no longer than seven (7) years from the date of your last engagement with us (the “Time Period”). Upon the expiry of the Time Period, we shall take all practical steps to remove all physical and electronic copies of your personal data held by us or remove the means by which the data can be associated by you.
7. TRANSFER OF PERSONAL DATA OUTSIDE OF SINGAPORE
We generally do not transfer your personal data to countries outside of Singapore. However, if we do so, we will obtain your consent for the transfer to be made and will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the PDPA.
8. WITHDRAWAL OF YOUR CONSENT
The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop collecting, using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided below.
Should you withdraw your consent to the collection, use or disclosure of your personal data, depending on the nature and scope of your request for withdrawal, it may impact our ability to continue to provide our services to you, and in particular, it may become unlawful for us to provide (or continue to provide) legal services to you without the ability to collect, use or disclose personal data. Prior to you exercising your choice to withdraw your consent, we will inform you of the consequences of the withdrawal of your consent.
Please note that your withdrawal of consent will not prevent us from exercising our legal rights (including any remedies), or undertaking any steps as we may be entitled to at law.
9. DATA PROTECTION FEEDBACK CHANNELS
Should you have any queries, concerns, displeasure or complaints concerning our handling of your Personal Data, please email our Data Protection Officer at firstname.lastname@example.org, with the following information:
a. full name;
b. email address; and
c. your query, concern, displeasure or complaint.
10. EFFECT OF POLICY AND CHANGES TO POLICY
This Policy applies in conjunction with any other policies, notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal data by us.
We may revise this Policy from time to time without any prior notice. You may determine if any such revision has taken place by referring to the date on which this Notice was last updated.
Last updated: 10 August 2021