Privacy Policy
Last Updated: September 2025
Apexxchaambe is committed to protecting your privacy and personal data. This policy explains how we collect, use, protect, and manage your information in accordance with Singapore's Personal Data Protection Act (PDPA) and international best practices.
Data Controller Information
Law Firm:
Apexxchaambe
Address:
16 Collyer Quay, Singapore 049318
Phone:
+65 6724 5183
Privacy Contact:
Information We Collect
1. Personal Information
We collect personal data that you provide directly to us:
- Contact Information: Name, email address, phone number, mailing address
- Professional Information: Company name, job title, business address
- Legal Matter Details: Information related to your legal consultation or case
- Communication Records: Messages, emails, and call records with our firm
- Financial Information: Billing information and payment details for services
2. Automatically Collected Information
We automatically collect certain information when you visit our website:
- Usage Data: Pages visited, time spent on site, click patterns
- Device Information: IP address, browser type, operating system
- Location Data: General geographic location based on IP address
- Cookie Data: Information stored through cookies and similar technologies
3. Third-Party Information
We may receive information from:
- Referral Sources: Other law firms, professional contacts, or clients who refer you
- Public Records: Court documents, regulatory filings, or other public information
- Professional Networks: Legal databases and professional directories
How We Use Your Information
Legal Basis for Processing
We process your personal data based on:
- Consent: For marketing communications and optional website features
- Contract Performance: To provide legal services you have requested
- Legitimate Interest: For business operations, security, and service improvement
- Legal Obligation: To comply with legal and regulatory requirements
- Vital Interests: To protect your or others' vital interests in emergency situations
Purposes of Data Use
Legal Services
- • Providing legal consultation and representation
- • Managing case files and legal documentation
- • Court filings and legal proceedings
- • Client communication and updates
Business Operations
- • Billing and payment processing
- • Appointment scheduling and management
- • Client relationship management
- • Service quality improvement
Communication
- • Responding to inquiries and requests
- • Sending service-related notifications
- • Marketing communications (with consent)
- • Legal and regulatory notices
Compliance
- • Legal and regulatory compliance
- • Anti-money laundering checks
- • Professional conduct requirements
- • Record keeping obligations
How We Protect Your Information
Security Measures
Technical Safeguards
- • SSL/TLS encryption for data transmission
- • Encrypted data storage and backups
- • Multi-factor authentication systems
- • Regular security audits and updates
- • Firewall and intrusion detection systems
Administrative Safeguards
- • Role-based access controls
- • Employee confidentiality agreements
- • Regular privacy training programs
- • Incident response procedures
- • Vendor security assessments
Data Retention
We retain your data for the following periods:
- Client Files: 7 years after case completion (legal requirement)
- Financial Records: 5 years after final payment (tax requirement)
- Marketing Data: Until consent is withdrawn
- Website Analytics: 26 months maximum
- Communication Records: 3 years for business communications
Data Breach Response
In the event of a data breach, we will notify the Personal Data Protection Commission within 72 hours if required by law, and inform affected individuals without undue delay when the breach poses a high risk to their rights and freedoms.
Information Sharing and Disclosure
We may share your information with:
- Service Providers: IT support, cloud storage, payment processors, and other vendors who assist in our operations
- Legal Counsel: External lawyers or experts when required for your case
- Court and Regulatory Bodies: When required by legal proceedings or regulatory compliance
- Professional Partners: Other law firms, accountants, or consultants working on your matter
- Law Enforcement: When required by law or to protect legal rights
International Data Transfers
When we transfer data outside Singapore, we ensure appropriate safeguards are in place, including adequacy decisions, standard contractual clauses, or binding corporate rules.
Your Rights and Choices
Under Singapore's Personal Data Protection Act, you have the following rights:
Access Rights
Request access to personal data we hold about you and receive a copy of your information.
Correction Rights
Request correction of inaccurate or incomplete personal data we hold about you.
Deletion Rights
Request deletion of your personal data, subject to legal and professional obligations.
Withdrawal of Consent
Withdraw consent for processing activities that are based on your consent.
Data Portability
Request transfer of your data to another organization in a structured format.
Object to Processing
Object to certain types of processing, including direct marketing.
How to Exercise Your Rights
To exercise any of these rights, contact us at [email protected] or call +65 6724 5183. We will respond to your request within 30 days. Some requests may require identity verification for security purposes.
Third-Party Services
Our website and services may include links to or integrate with third-party services:
Analytics Services
Google Analytics for website performance analysis (anonymized data)
Payment Processors
Secure payment gateways for billing and payment processing
Cloud Storage
Encrypted cloud storage for secure document management
Communication Tools
Email and video conferencing platforms for client communication
These services have their own privacy policies. We recommend reviewing their practices when you interact with them directly.
Contact Information and Complaints
Privacy Questions
For questions about this privacy policy or our data practices:
Filing Complaints
If you believe we have not addressed your privacy concerns adequately:
Singapore PDPC:
Personal Data Protection Commission
10 Pasir Panjang Road, #03-01
Mapletree Business City, Singapore 117438
Website: pdpc.gov.sg
Changes to This Privacy Policy
We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
- Update the "Last Updated" date at the top of this policy
- Notify you through our website or by email if you have provided your email address
- For significant changes, provide additional notice as required by law
- Give you the opportunity to review the changes before they take effect
We encourage you to review this privacy policy periodically to stay informed about how we protect your information.