Client satisfaction at Batik Legal

Client Experiences

What Our Clients Say About Their Experience

Data protection advisory is most useful when it actually changes how an organisation handles personal data. Here is what some of our clients have shared about working with Batik Legal.

← Back to Home

120+

Organisations assisted

4.9

Average satisfaction score

6+

Years in practice

95%

Client return rate

Client Reviews

Feedback from Singapore Organisations

"We engaged Batik Legal for a PDPA assessment before a significant expansion of our customer data systems. The gap analysis was thorough and, more importantly, the report was written in a way our operations team could actually follow. The prioritisation was helpful — we knew exactly what to address first."

JT

James Tan

Head of Operations · E-commerce, Singapore

February 2026

"When we realised we had a potential breach, I honestly did not know who to call. Batik Legal was recommended to us, and they responded quickly. They walked us through the notification obligations clearly, prepared the documents, and were calm throughout — which was what we needed in that situation."

PL

Priya Lakshminarayan

Director · Healthcare Services Provider

January 2026

"We are a 35-person professional services firm, and the DPO retainer has been exactly the right fit. Rather than trying to keep an in-house DPO across all the nuances of the PDPA, we have Batik Legal available when questions come up. The response time commitment has been reliable."

KC

Kevin Chan

Managing Partner · Advisory Firm, Singapore

March 2026

"What I appreciated about the compliance assessment was that it did not feel generic. They asked the right questions about our specific operations — data shared with overseas vendors, how we handle customer consent for marketing — and the report reflected that. It was not a template with our name on it."

RS

Rachel Sng

COO · SaaS Company, Singapore

February 2026

"We received a query from the PDPC and were unsure how to handle it. Batik Legal helped us understand what was being asked, structure our response appropriately, and engage with the commission in a calm and ordered way. The situation resolved without any escalation. That outcome spoke for itself."

AM

Anand Mehta

General Manager · Logistics Group, Singapore

January 2026

"The fee was agreed upfront, which helped us plan — we are a small business and open-ended legal billing creates a lot of uncertainty. The assessment was completed on schedule, and the debrief call was useful for clarifying the recommendations we were less clear on."

TW

Tan Wei Ling

Director · Retail Business, Singapore

March 2026

Case Studies

Client Situations and How We Helped

Three engagements that illustrate the range of situations we handle and the outcomes clients experienced.

PDPA Compliance Assessment

Technology Company Preparing for Institutional Clients

Situation

A 60-person technology company handling data for financial sector clients was asked by a prospective client to demonstrate their PDPA compliance position. They had not conducted a formal review and were unsure what documentation to provide.

Our Approach

We conducted a structured PDPA assessment covering their data processing activities, vendor arrangements, and consent mechanisms. The gap analysis identified four priority areas — including inadequate data processing agreements with sub-contractors and a missing retention policy.

Result

The company addressed the priority gaps within four weeks of receiving the report. They provided the gap analysis and subsequent remediation summary to the prospective client, and the relationship proceeded. The internal team now has a clearer framework for ongoing compliance management.

"The report gave us something concrete to share with the client — and with our own leadership team." — Operations Director

Data Breach Response

Healthcare Administrator Managing an Access Control Failure

Situation

A healthcare administration firm identified that a misconfigured system had exposed some patient data to unauthorised internal access. They were uncertain whether this constituted a notifiable breach under the PDPA and how to proceed.

Our Approach

We assessed the scope of the incident and the nature of the data involved. We determined that the incident met the threshold for mandatory notification and prepared the PDPC notification document and individual notification communications within the three-day window.

Result

The notification was submitted on time. The PDPC reviewed the matter and the organisation received guidance rather than enforcement action, in part due to the prompt and organised response. A post-incident review identified the configuration issue and addressed it.

"Having someone manage the notification process while we dealt with the operational side made a difficult situation more manageable." — CEO

DPO Retainer Support

Professional Services Firm Establishing a DPO Function

Situation

A 45-person accounting and advisory firm appointed a staff member as DPO, but that person had limited data protection background. They needed structured support to handle day-to-day queries and ensure their policies kept pace with regulatory changes.

Our Approach

We set up a monthly retainer providing agreed response times for queries, periodic policy reviews, and access to our team for DPIA guidance. The in-house DPO became the internal coordinator, with Batik Legal providing the specialist advisory layer.

Result

Twelve months into the retainer, the firm's internal DPO function operates with considerably more confidence. Their data protection notice and consent mechanisms were updated, and they have a documented process for handling access requests — something they previously lacked entirely.

"Our in-house DPO now knows what questions to ask and who to call. That is a real improvement." — Managing Partner

Contact

Ready to Discuss Your Situation?

We are glad to hear from organisations at any stage of their data protection journey. Contact us to arrange a conversation.

+65 6517 4823 info@batiklegalol 38 Beach Road, #29-11, Singapore 189767

Singapore Law Society

Accredited member practice, 2020–present

IAPP CIPP/A Certification

Certified Information Privacy Professional (Asia)

PDPC DPEX Network

Registered data protection service provider

Speak with an Adviser Today

A short initial conversation often helps clarify the right starting point for your organisation.

Get in Touch