Privacy Policy

Incisive Law LLC – Data Protection Policy

Purpose and Scope

Incisive Law LLC (the “Firm”) is committed to complying with the Personal Data Protection Act 2012 of Singapore (“PDPA”) and to safeguarding personal data in our possession or under our control. This Policy explains how we collect, use, disclose, and protect personal data in the course of providing our legal and related services.

This Policy applies to personal data relating to our clients, prospective clients, vendors, service providers, and other individuals who interact with the Firm, whether such data is held in electronic or physical form. It reflects our professional commitment to confidentiality and responsible data governance, and is intended to provide transparency on how personal data is managed and protected by the Firm.

Definitions

“Personal Data” is any information that relates to an individual who can be identified from that data. Under the PDPA in Singapore, this covers electronic and non-electronic data regardless of whether data is true or false and is contained in a record that has been in existence for less than 100 years. This includes, but is not limited to, names, NRIC numbers, contact details, financial information, and employment history.

Data Protection Officer (DPO)

The Firm has appointed a Data Protection Officer who is responsible for ensuring the Firm’s compliance with the PDPA. The DPO’s business contact information is published on the Firm’s website and available on request.

If you have any queries, comments or requests, please write to our Data Protection Officer at dpo@incisivelaw.com, or Incisive Law LLC, 120 Robinson Road #08-01 Singapore 068913.

Types of Data Collected by the Firm

The Firm may collect the following categories of personal data about you where reasonably necessary to fulfil the purposes outlined in this Privacy Policy:

  1. Your name and contact details (e.g. employer’s name, job title, work address, residential address telephone number and email address);
  2. Your national identification number or passport number (e.g. where required for identification purposes);
  3. Any information about you related to, or required for, a matter in respect of which we are engaged to provide legal, corporate secretarial or other services (including, but not limited to, immigration, notarisation and legalisation services);
  4. Information relating to your attendance at meetings, seminars, and other events at our premises;
  5. Information about your employment history and academic background;
  6. Recordings of your likeness and voice; and
  7. Your online data when you access our website (including your IP address).
  8. Financial information, such as payment-related information

Collection, Use and Disclosure of Personal Data

The Firm collects personal data only where reasonably necessary for legal or business purposes, including:

  1. Providing legal, corporate secretarial or other services to clients
  2. Client onboarding and due diligence;
    • To manage and administer our relationship with you and/or your company (which includes, without limitation, mandatory client due diligence checks and the processing of payments
  3. Compliance with regulatory and professional obligations;
  4. Recruitment and employment matters;
  5. Event invitations and marketing activities;
    • This include but is not limited to the following: organising seminars, webinars or other events; and sending you legal updates, newsletters, announcements, and any similar messages to keep you informed of any legal developments.
  6. Marketing and Opt-Out:
    • The Firm may send marketing or promotional materials via email or other modes. Individuals may opt out at any time by contacting the DPO or using the unsubscribe facility provided.
  7. Processing payments and billing;
  8. Visitation of the Firm’s website.
    • The Firm’s website may contain links to third-party websites. The Firm is not responsible for the data protection or privacy practices of such third parties, and individuals are advised to read the privacy policies of these parties before disclosing any personal data.
  9. The Firm will notify individuals of the purposes for which their personal data is collected unless an exception under the PDPA applies. The Firm will not use your personal data for purposes beyond those originally specified at the time of collection unless required or authorised by law, or unless you have been notified of and consented to such new purposes.

The Firm may disclose your personal data:

(a) where such disclosure is necessary for the performance of our obligations in the course of, or in connection with, the legal services requested by you; or

(b) to third‑party service providers, agents, or organisations engaged by us to carry out any of the functions described in clause 5 above.

Please note that we may disclose your personal data to third parties without first obtaining your consent in certain situations. For more information on the exceptions, you are encouraged to peruse the First and Second Schedules of the PDPA which are publicly available at https://sso.agc.gov.sg/Act/PDPA2012.

Protection Against Liability for Third-Party Data

If you provide the Firm with personal data relating to other individuals, you represent and warrant that you have obtained all necessary consents and authorisations to do so, and that the Firm may collect, use and disclose such data in accordance with this Policy.

Consent and Withdrawal of Consent

The consent that you provide for the collection, use and disclosure of your personal data will remain valid until such time it is being withdrawn by you in writing. You may withdraw consent and request us to stop using and/or disclosing your personal data for any or all of the purposes listed above by submitting your request in writing or via email to our Data Protection Officer at the contact details provided above at clause 3.

Upon receipt of your written request to withdraw your consent, we may require reasonable time (depending on the complexity of the request and its impact on our relationship with you) for your request to be processed and for us to notify you of the consequences of us acceding to the same, including any legal consequences which may affect your rights and liabilities to us. In general, we shall seek to process your request within ten (10) business days of receiving it.

By continuing to engage the Firm’s services or by voluntarily providing personal data, you may be deemed to have consented to the collection use, or disclosure of your personal data for the relevant purposes specified in clause 5. Where deemed consent by notification applies, the Firm will provide reasonable notice of its intention and an opportunity for you to opt out, in accordance with the PDPA.

Withdrawal of such consent however shall not affect the legality of any data processing carried out before such withdrawal or of any legal obligation to retain personal data.

Access to and Correction of Personal Data

Individuals may request access to or correction of their personal data in our possession in accordance with (and subject to) the PDPA and the relevant regulations made thereunder. The Firm may charge a reasonable fee for access requests and will respond within the timeframe required by the PDPA, unless exceptions apply.

We will respond to your request as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the PDPA)

Accuracy of Personal Data

The Firm makes reasonable efforts to ensure that personal data collected is accurate and complete if it is likely to be used to make a decision that affects the individual or disclosed to another organisation. Where you provide your personal data directly to us, we are entitled to assume it is accurate and complete.

In order to ensure that your personal data is current, complete and accurate, please update us if there are changes to your personal data by informing our Data Protection Officer in writing or via email at the contact details provided above at clause 3.

Protection of Personal Data

To safeguard your personal data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, we have introduced appropriate administrative, physical and technical measures such as up-to-date antivirus protection, encryption and the use of data-security controls to secure all storage and transmission of personal data by us, and disclosing personal data both internally and to our authorised third party service providers and agents only on a need-to-know basis.

You should be aware, however, that no method of transmission over the Internet or method of electronic storage is completely secure. While security cannot be guaranteed, we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.

Retention

The Firm retains personal data for as long as it is necessary to fulfil the purpose for which it was collected, or as required or permitted by applicable laws and professional standards. Where personal data is no longer necessary, the Firm will ensure that it is securely deleted or anonymized.

Transfers of Personal Data Outside of Singapore

In the event that personal data is transferred outside Singapore, the Firm ensures that the recipients are bounded by legally enforceable obligations to provide a standard of protection comparable to that under the PDPA. The Firm may enter into contractual arrangements to ensure this, where appropriate.

Effect of Policy and Changes to Policy

This Policy applies in conjunction with any other notices, contractual clauses and consent clauses that apply in relation to the collection, use and disclosure of your personal data by us.

The Firm reviews and updates this Policy from time to time to ensure continued compliance with applicable laws and practices. The Firm reserves the right to amend and update the terms of this Data Protection Policy at our absolute discretion. The latest version can be found at the Firm’s website: www.incisivelaw.com

Policy Acceptance Disclaimer

Your continued use of our services constitutes your acknowledgement and acceptance of such changes. Without any prejudice to an individual’s rights under the PDPA, this Policy is not a contract, nor does it create any legal rights or obligations that are not expressly provided under the PDPA.

Scroll to Top