BL
Contact
LEGAL DOCUMENTATION

Privacy Policy

How Batik Legal collects, uses, and protects personal data in line with Singapore's Personal Data Protection Act.

Last Updated: 14 March 2026 Effective: 14 March 2026

1. Introduction

Batik Legal ("we", "us", "our") is a Singapore-based legal practice specialising in data privacy and compliance advisory. We are committed to handling personal data responsibly and transparently, in accordance with the Personal Data Protection Act 2012 (PDPA) of Singapore.

This Privacy Policy describes how we collect, use, disclose, and protect the personal data of individuals who interact with our website at batiklegalol or engage our services.

By using our website or services, you acknowledge that you have read and understood this Privacy Policy. If you have questions about how your personal data is handled, please contact us at privacy@batiklegalol.

2. Personal Data We Collect

We collect personal data through various interactions, including when you contact us, engage our services, or visit our website.

Information You Provide Directly

  • Full name and contact details (email address, phone number)
  • Organisation name and job title
  • Enquiry content and correspondence with our team
  • Any documentation shared in the course of an engagement

Automatically Collected Information

  • IP address and browser type
  • Pages visited and time spent on site
  • Referral URLs and device information
  • Cookie and analytics data (see Section 6)

Legal basis for collection: consent (website forms), contractual necessity (service delivery), and legitimate interest (website analytics and security).

3. How We Use Your Personal Data

We use personal data only for purposes that are reasonable given the context of collection:

  • Service Delivery

    Processing enquiries, conducting compliance assessments, providing advisory services, and fulfilling contractual obligations.

  • Communication

    Responding to your queries, providing engagement updates, and sharing relevant compliance developments where you have consented to receive such communications.

  • Website Improvement

    Understanding how visitors use our site in order to improve the structure, content, and accessibility of the information we provide.

  • Legal and Regulatory Compliance

    Meeting obligations under applicable Singapore laws and responding to lawful requests from regulatory authorities.

We do not use personal data for automated profiling or decision-making processes that produce legal or similarly significant effects.

4. Sharing and Disclosure

We do not sell or rent personal data to third parties. We may share data in the following limited circumstances:

Service Providers

We engage reputable third-party providers for services such as website hosting, email delivery, and analytics. These providers act on our instructions and are contractually required to protect personal data.

Professional Advisors

In the course of legal engagements, we may involve co-counsel, barristers, or other professional advisors, subject to appropriate confidentiality obligations.

Regulatory Authorities

We will disclose personal data to the Personal Data Protection Commission (PDPC), Singapore courts, or other authorities when required to do so by law.

Cross-Border Transfers

Where personal data is transferred outside Singapore, we ensure that adequate protection is in place in accordance with the PDPA's transfer limitation obligations, including by using contractual protections or transferring to countries on the PDPC's approved list.

5. Security Measures

We implement reasonable and appropriate security measures proportionate to the sensitivity of the data we hold:

Encryption in Transit

All data transmitted via our website is encrypted using TLS/SSL protocols.

Secure Hosting

Website and data are hosted on servers with controlled access and regular security monitoring.

Access Controls

Access to personal data is restricted to staff and advisors with a legitimate need to handle it.

Breach Procedures

We maintain documented procedures for detecting, assessing, and responding to data incidents.

While we take data security seriously, no transmission or storage system is completely without risk. We encourage you to contact us promptly if you suspect any compromise of your data.

6. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to provide core functionality, understand how visitors use the site, and improve the overall experience.

Cookie Type Purpose Optional
Essential Session management and security No
Analytics Understanding visitor behaviour and improving content Yes
Marketing Tracking ad performance and personalisation Yes
Preferences Remembering your settings and choices Yes

You can manage cookie preferences at any time via our Cookie Policy page.

7. Your Rights Under the PDPA

Under Singapore's Personal Data Protection Act, individuals have the following rights with respect to their personal data:

ACCESS

You may request access to the personal data we hold about you and information about how it has been used or disclosed in the past year.

CORRECT

You may request correction of any inaccurate or incomplete personal data we hold about you.

WITHDRAW

You may withdraw consent for the collection, use, or disclosure of your personal data at any time, subject to legal or contractual restrictions.

PORT

Where technically feasible, you may request that we transmit your personal data to another organisation in a machine-readable format (data portability under the PDPA).

To exercise any of these rights, please contact us at privacy@batiklegalol. We will respond within 30 days of receiving your request. You also have the right to lodge a complaint with the Personal Data Protection Commission (PDPC) at www.pdpc.gov.sg.

8. Data Retention

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected or as required by applicable law.

Data Category Retention Period
Enquiry and contact records3 years from last interaction
Client engagement files7 years after engagement closes
Website analytics data26 months (aggregated)
Cookie consent records12 months from consent

When personal data is no longer required, we will delete or anonymise it in a secure manner.

9. Third-Party Links

Our website may contain links to external websites operated by third parties, including government portals and professional bodies. These websites have their own privacy practices, which we do not control. We encourage you to review the privacy policies of any third-party sites you visit. Batik Legal is not responsible for the privacy practices of external sites.

10. Children's Privacy

Our services are intended for organisations and individuals aged 18 years or above. We do not knowingly collect personal data from children under 18. If we become aware that we have inadvertently collected such data, we will take steps to delete it promptly. Please contact us if you believe a minor has provided us with their personal data.

11. Policy Updates

We review this Privacy Policy periodically to reflect changes in our practices, applicable law, or regulatory guidance. When we make material changes, we will update the "Last Updated" date at the top of this page. For significant changes, we may notify existing clients by email.

Continued use of our website or services after changes take effect constitutes acceptance of the updated policy.

12. Contact Information

For questions, data access requests, or concerns regarding this Privacy Policy, please contact our designated Data Protection Officer:

Batik Legal

38 Beach Road, #29-11
South Beach Tower
Singapore 189767

Data Privacy Enquiries

privacy@batiklegalol

Response within 30 working days