Privacy Policy

1. Introduction

Lotus Legal ("we", "us", "our") is committed to protecting the personal data of every person who contacts us or uses our services. This policy explains what personal data we collect, why we collect it, how we use it, and the rights you hold in relation to it.

This policy applies to all personal data processed by Lotus Legal in connection with the services described on our website and in client engagements. Our services are offered to individuals located in Singapore and, where applicable, internationally.

2. Data Controller

The data controller responsible for your personal data is Lotus Legal, 600 North Bridge Road, #18-03 Parkview Square, Singapore 188778. For data-related enquiries, contact us at privacy@lotusleg.

3. Personal Data We Collect

Data Collected Through Our Website

• Name and contact details (email address, telephone number) submitted via the enquiry form
• The content of messages submitted through the enquiry form
• Technical data: IP address, browser type, pages visited, time and date of access (via analytics cookies, where consented)
• Cookie preference choices stored in your browser

Data Collected During Client Engagements

• Identity information: full name, NRIC or passport number where legally required
• Contact information: address, telephone, email
• Family and financial information disclosed in the course of legal advice or representation
• Correspondence and documents provided by you or your representatives

4. Legal Basis for Processing

• Consent: For marketing communications and non-essential cookies, where you have given consent
• Contract: To provide legal services you have engaged us to deliver
• Legitimate interest: To respond to initial enquiries, maintain client records, and manage our firm's operations
• Legal obligation: To comply with obligations under Singapore law, including professional conduct rules and the Prevention of Money Laundering Act where applicable

5. How We Use Your Data

• To respond to your enquiries and arrange consultations
• To provide legal advice and representation services
• To prepare documents, correspondence, and written summaries in connection with your matter
• To comply with our legal and professional obligations
• To maintain our client records and practice management systems
• To improve our website through anonymised analytics (where consented)

We do not use personal data for automated decision-making or profiling.

6. Data Sharing

We share personal data only where necessary and only with the following categories of recipients:

• Courts and tribunals: Where required by proceedings
• Opposing counsel and mediators: In the conduct of your matter
• Third-party service providers: Including our IT infrastructure provider and practice management software provider, who process data on our behalf under data processing agreements
• Regulatory bodies: Where required by law or professional conduct rules

We do not sell personal data to third parties or share it for marketing purposes.

7. Data Retention

Client matter files are retained for a minimum of seven years from the close of the matter, in accordance with professional conduct obligations. Enquiry data submitted through our website contact form is retained for twelve months unless you become a client, in which case it becomes part of your client file.

Website analytics data is retained in anonymised form only.

8. Cookies

Our website uses cookies. Please refer to our Cookie Policy for full details, including how to manage your preferences.

9. Data Security

We apply technical and organisational measures proportionate to the sensitivity of the data we hold. These include encrypted storage for client files, access controls limiting who within the firm can access particular files, and secure communication channels for sending documents containing personal data.

In the event of a data breach that poses a real risk of significant harm, we will notify the Personal Data Protection Commission (PDPC) and affected individuals in accordance with the PDPA's mandatory breach notification obligations.

10. Your Rights

Under Singapore's Personal Data Protection Act 2012 (PDPA), you have the following rights in relation to your personal data:

• Right of access: To request a copy of the personal data we hold about you
• Right of correction: To request correction of inaccurate personal data
• Right of withdrawal of consent: To withdraw consent to processing where consent is the legal basis, without affecting processing carried out before withdrawal
• Right to data portability: To receive your personal data in a structured, machine-readable format where technically feasible

To exercise any of these rights, contact us at privacy@lotusleg. We will respond within 30 days.

If you are dissatisfied with our handling of your personal data, you may lodge a complaint with the Personal Data Protection Commission (PDPC) at www.pdpc.gov.sg.

11. Children's Data

Our services are not directed at children under 18. Where information about children is provided in the course of a family law matter, it is treated with the highest level of care and confidentiality, and is used only for the purpose of conducting the matter.

12. Third-Party Links

Our website may contain links to external sites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies independently.

13. Changes to This Policy

We may update this policy from time to time. The revised version will be published on this page with an updated effective date. Material changes will be communicated to active clients directly.

14. Contact

For any questions relating to this policy or to our handling of your personal data:

• Email: privacy@lotusleg
• Address: 600 North Bridge Road, #18-03 Parkview Square, Singapore 188778