Privacy Policy
Personal Data Protection Policy

Introduction
1. Burton Chen Legal LLC recognises the importance of safeguarding your personal data, and therefore undertakes to fully implement and comply with the provisions of the Personal Data Protection Act 2012 (the”Act”).
2. Our Personal Data Protection Policy set out here explains the procedures and systems we have put in place to comply with the Act (this “Policy”). For the purpose of this Policy, ‘client’ includes any prospective clients.
3. Your engagement or continued engagement of our services shall be deemed as your knowledge and consent to the provisions of this Policy.
4. The Act imposes restrictions on our actions in processing personal data. “Processing” includes any recording, holding, organisation, adaptation or alteration, retrieval, combination, transmission, erasure or destruction of personal data carried out by us. Other definitions included in the Act may be found online at http://www.pdpc.gov.sg.

Data Protection Officer
5. We have appointed a Data Protection Officer (the “DPO”) to deal with day-to-day data protection matters and complaints, and to encourage good data handling practices within the company. If you have questions or concerns, please contact our DPO, Ms Lynette Chan, at: 
Email address: lynettechan@bchenlegal.com
Telephone no: +65 6823 1313

What is Personal Data?
6. Personal data is data about an individual which can be used, on its own or with other information to which we have or are likely to have access, to identify the individual. Personal data does not include an individual’s business contact information, business title, or information about an individual which is publicly available. For the purposes of the provision of our services, personal data collected by us would generally include without limitation a client’s and/or client representative’s name, address, telephone number, personal email address, identification numbers or details, photographs or video, financial and tax information and bank account numbers.

What kind of personal data will be collected?
7. The personal data that we may collect about you includes, but is not limited to:

  • Personal information, such as your name, data of birth, gender, CPF number, NRIC/passport/identification numbers, marital status;

  • Personal contact details, phone numbers, addresses, email addresses, and fax numbers;

  • Billing and banking information; and

  • An individual’s criminal record history and any proceedings or sentences imposed for any offence committed or alleged to be committed by the individual.

Why do we collect personal data?
8. We receive or collect your personal data for reasonable purposes in carrying out our role as a legal services provider. These purposes include:

  • The provision of legal services, advice and representation;

  • Communication with clients and other parties;

  • Security purposes;

  • Compliance with all legal, regulatory, and tax requirements;

  • Disclosure to third parties for the reasons outlined at paragraph 10 below.


9. We undertake not to use your personal data for any purpose other than for which it was collected or in accordance with the Act. Should we require any personal data in our possession to be used for a purpose other than those for which consent was originally given, fresh consent will be sought in order to use the data for that new purpose.

Disclosure of personal data to third parties
10. In the course of processing personal data for the above purposes, we may disclose individuals’ personal data to third parties within or outside Singapore. This includes:

  • Governmental organisations or authorities to whom we are required by law to disclose the data, e.g. for tax purposes;

  • Third parties who provide us with data processing, administration, health, insurance or legal services, or other professional or management services; and

  • Anyone to whom we are otherwise required to disclose it to, including but not limited to individuals seeking access to their own personal data.

11. Such disclosure to third parties outside Singapore shall only be to organisations who are required or agree to process the data with a comparable level of data protection as that required under Singapore law.

Access and Correction
12. Subject to statutory exceptions, you may make written requests to our DPO to access or correct some or all of your personal data in our possession or under our control. You may also make a written request to our DPO for information on the ways in which your personal data has been used or disclosed by us within 12 months prior to your request. If you have any questions, comments or concerns, or wish to access or correct your personal data, please contact our DPO.
13. We endeavour to take all reasonable steps to ensure that personal data in our possession is accurate, up-to-date, and complete. If any personal data you have provided to us becomes inaccurate, please contact our DPO to update your data.
14. We may charge a reasonable fee in order to process any requests for access to information. Please note that certain types of information are exempt from the general right of access, and may not be disclosed.

Retention
15. We will retain personal data for as long as it is necessary to serve the purpose for which it has been collected, and/or to comply with legal requirements. 

Protection
16. We endeavour to maintain all personal data in our possession securely.  To this effect, we have put in place systems to ensure the protection and security of data in our possession.

Complaints
17. If you feel that your data has been erroneously or improperly handled by us, you may lodge a complaint with our DPO.
18. The results of our DPO’s investigation will be communicated to you. If the complaint has been upheld, you will be informed of the next steps to be taken to resolve the situation.

Withdrawal of Consent
19. You may withdraw your consent for the processing of your data by us. However, in some cases, consent to the processing of data may not be withdrawn, such as where it is necessary for the administration of our relationship with our clients.

Updating this Policy
20. This Policy may be updated from time to time to take account of changes in technology, our practice or policy, and/or to ensure compliance with any legislative changes. This Policy may be viewed at any time on our website (https://www.bchenlegal.com/privacy-policy).