Privacy Policy

Last Updated: September 2025

Apexxchaambe is committed to protecting your privacy and personal data. This policy explains how we collect, use, protect, and manage your information in accordance with Singapore's Personal Data Protection Act (PDPA) and international best practices.

Data Controller Information

Law Firm:

Apexxchaambe

Address:

16 Collyer Quay, Singapore 049318

Phone:

+65 6724 5183

Privacy Contact:

[email protected]

Information We Collect

1. Personal Information

We collect personal data that you provide directly to us:

  • Contact Information: Name, email address, phone number, mailing address
  • Professional Information: Company name, job title, business address
  • Legal Matter Details: Information related to your legal consultation or case
  • Communication Records: Messages, emails, and call records with our firm
  • Financial Information: Billing information and payment details for services

2. Automatically Collected Information

We automatically collect certain information when you visit our website:

  • Usage Data: Pages visited, time spent on site, click patterns
  • Device Information: IP address, browser type, operating system
  • Location Data: General geographic location based on IP address
  • Cookie Data: Information stored through cookies and similar technologies

3. Third-Party Information

We may receive information from:

  • Referral Sources: Other law firms, professional contacts, or clients who refer you
  • Public Records: Court documents, regulatory filings, or other public information
  • Professional Networks: Legal databases and professional directories

How We Use Your Information

Legal Basis for Processing

We process your personal data based on:

  • Consent: For marketing communications and optional website features
  • Contract Performance: To provide legal services you have requested
  • Legitimate Interest: For business operations, security, and service improvement
  • Legal Obligation: To comply with legal and regulatory requirements
  • Vital Interests: To protect your or others' vital interests in emergency situations

Purposes of Data Use

Legal Services

  • • Providing legal consultation and representation
  • • Managing case files and legal documentation
  • • Court filings and legal proceedings
  • • Client communication and updates

Business Operations

  • • Billing and payment processing
  • • Appointment scheduling and management
  • • Client relationship management
  • • Service quality improvement

Communication

  • • Responding to inquiries and requests
  • • Sending service-related notifications
  • • Marketing communications (with consent)
  • • Legal and regulatory notices

Compliance

  • • Legal and regulatory compliance
  • • Anti-money laundering checks
  • • Professional conduct requirements
  • • Record keeping obligations

How We Protect Your Information

Security Measures

Technical Safeguards

  • • SSL/TLS encryption for data transmission
  • • Encrypted data storage and backups
  • • Multi-factor authentication systems
  • • Regular security audits and updates
  • • Firewall and intrusion detection systems

Administrative Safeguards

  • • Role-based access controls
  • • Employee confidentiality agreements
  • • Regular privacy training programs
  • • Incident response procedures
  • • Vendor security assessments

Data Retention

We retain your data for the following periods:

  • Client Files: 7 years after case completion (legal requirement)
  • Financial Records: 5 years after final payment (tax requirement)
  • Marketing Data: Until consent is withdrawn
  • Website Analytics: 26 months maximum
  • Communication Records: 3 years for business communications

Data Breach Response

In the event of a data breach, we will notify the Personal Data Protection Commission within 72 hours if required by law, and inform affected individuals without undue delay when the breach poses a high risk to their rights and freedoms.

Information Sharing and Disclosure

We may share your information with:

  • Service Providers: IT support, cloud storage, payment processors, and other vendors who assist in our operations
  • Legal Counsel: External lawyers or experts when required for your case
  • Court and Regulatory Bodies: When required by legal proceedings or regulatory compliance
  • Professional Partners: Other law firms, accountants, or consultants working on your matter
  • Law Enforcement: When required by law or to protect legal rights

International Data Transfers

When we transfer data outside Singapore, we ensure appropriate safeguards are in place, including adequacy decisions, standard contractual clauses, or binding corporate rules.

Your Rights and Choices

Under Singapore's Personal Data Protection Act, you have the following rights:

Access Rights

Request access to personal data we hold about you and receive a copy of your information.

Correction Rights

Request correction of inaccurate or incomplete personal data we hold about you.

Deletion Rights

Request deletion of your personal data, subject to legal and professional obligations.

Withdrawal of Consent

Withdraw consent for processing activities that are based on your consent.

Data Portability

Request transfer of your data to another organization in a structured format.

Object to Processing

Object to certain types of processing, including direct marketing.

How to Exercise Your Rights

To exercise any of these rights, contact us at [email protected] or call +65 6724 5183. We will respond to your request within 30 days. Some requests may require identity verification for security purposes.

Third-Party Services

Our website and services may include links to or integrate with third-party services:

Analytics Services

Google Analytics for website performance analysis (anonymized data)

Payment Processors

Secure payment gateways for billing and payment processing

Cloud Storage

Encrypted cloud storage for secure document management

Communication Tools

Email and video conferencing platforms for client communication

These services have their own privacy policies. We recommend reviewing their practices when you interact with them directly.

Contact Information and Complaints

Privacy Questions

For questions about this privacy policy or our data practices:

Email: [email protected]

Phone: +65 6724 5183

Address: 16 Collyer Quay, Singapore 049318

Filing Complaints

If you believe we have not addressed your privacy concerns adequately:

Singapore PDPC:

Personal Data Protection Commission

10 Pasir Panjang Road, #03-01

Mapletree Business City, Singapore 117438

Website: pdpc.gov.sg

Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you through our website or by email if you have provided your email address
  • For significant changes, provide additional notice as required by law
  • Give you the opportunity to review the changes before they take effect

We encourage you to review this privacy policy periodically to stay informed about how we protect your information.